PHP-Ultimate WebBoard 2.0 - 'admindel.php' Multiple Input Validation Vulnerabilities

Author: t0pP8uZz
type: webapps
platform: php
port: 
date_added: 2008-08-25  
date_updated: 2014-03-16  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 32295.txt  

source: https://www.securityfocus.com/bid/30822/info

PHP-Ultimate Webboard is prone multiple-input validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

Successful exploits will allow unauthorized attackers to delete arbitrary questions and answers. Attackers may also exploit these issues to perform SQL-injection attacks.

PHP-Ultimate Webboard 2.0 is vulnerable; other versions may also be affected.

http://www.example.com/webboard/admindel.php?action=delete&mode=question&qno=[NUM]&ano=[NUM]