CVE-2005-3916

Name of the Vulnerable Software and Affected Versions WSN Forum version 1.21

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the id parameter in a profile action within the memberlist.php file.

Recommendations For WSN Forum version 1.21, consider restricting access to the memberlist.php file or the profile action until a patch is available. As a temporary workaround, avoid using the id parameter in the affected profile action to minimize the risk of exploitation.