CVE-2011-5091 - Pleased Feltch

Description

Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow remote attackers to execute arbitrary SQL commands via the (1) tableType or (2) blindTarget parameter to view.php (3) the delTargets[0] parameter to view_memo.php or (4) the isReported parameter to write_ok.php.

Reference

http://sirini.net/grboard/board.php?id=developer&articleNo=591 https://exchange.xforce.ibmcloud.com/vulnerabilities/75855