CVE-2009-0851

Publication date

2009-03-09 17:00:00

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.