CVE-2007-4653

Name of the Vulnerable Software and Affected Versions: phpBB versions 2.0.22 and earlier Links MOD version 1.2.2 and earlier

Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the start parameter in a "search" action, specifically targeting the links.php file in the Links MOD for phpBB.

Recommendations: For phpBB versions 2.0.22 and earlier, update to a version later than 2.0.22. For Links MOD version 1.2.2 and earlier, update to a version later than 1.2.2. As a temporary workaround, consider restricting access to the links.php file in the Links MOD to minimize the risk of exploitation. Avoid using the start parameter in the affected search action until the issue is resolved.