Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-1966
CVE-2004-1966
Description
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.0_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.0_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:openbb:openbb:1.0.8:*:*:*:*:*:*:*
- Range: <=1.0.6
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/11481nvdExploit
- securitytracker.com/idnvdExploit
- www.securityfocus.com/bid/10214nvdExploit
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15964nvd
News mentions
0No linked articles in our index yet.