Scssboard Scssboard : Security vulnerabilities, CVEs

Copy

CVE-2008-5578

Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values.

Max CVSS

7.5

EPSS Score

0.13%

Published

2008-12-15

Updated

2017-09-29

CVE-2008-5577

PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the inc_function parameter.

Max CVSS

7.5

EPSS Score

0.76%

Published

2008-12-15

Updated

2017-09-29

CVE-2008-5576

admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter.

Max CVSS

7.5

EPSS Score

0.76%

Published

2008-12-15

Updated

2017-09-29

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!