CVE-2005-2566

Name of the Vulnerable Software and Affected Versions OpenBB (affected versions not specified)

Description The issue concerns SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands. This can be achieved via the FID parameter to "board.php" or the UID parameter to "member.php".

Recommendations For all affected versions, consider restricting access to the "board.php" and "member.php" scripts until a patch is available. As a temporary workaround, avoid using the FID parameter in the "board.php" script and the UID parameter in the "member.php" script to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.