RSS   Podatności dla 'Php infoboard'   RSS

2008-09-30
 
CVE-2008-4334

CWE-264
 

 
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1.

 
 
CVE-2008-4333

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the isname parameter in a newtopic action.

 
 
CVE-2008-4332

CWE-89
 

 
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top