Nivisec » Hacks List : Security Vulnerabilities, CVEs, Published In 2006
SQL injection vulnerability in admin_hacks_list.php in the Nivisec Hacks List 1.21 and earlier phpBB module allows remote attackers to execute arbitrary SQL commands via the hack_id parameter.
Max CVSS
7.5
EPSS Score
0.21%
Published
2006-12-01
Updated
2017-10-19
Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter.
Max CVSS
7.1
EPSS Score
1.05%
Published
2006-05-31
Updated
2018-10-18
2 vulnerabilities found