bb_func_unsub.php in MiniBB 3.1 before 20141127 uses an incorrect regular expression, which allows remote attackers to conduct SQl injection attacks via the code parameter in an unsubscribe action to index.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-12-31T21:00:00
Updated: 2014-12-31T20:57:00
Reserved: 2014-12-04T00:00:00
Link: CVE-2014-9254
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-12-31T21:59:02.140
Modified: 2015-01-03T01:30:19.640
Link: CVE-2014-9254
JSON object: View
Redhat Information
No data.
CWE