Vulnerabilities > Aspindir > Philboard

DATE CVE VULNERABILITY TITLE RISK
2008-05-19 CVE-2008-2334 SQL Injection vulnerability in Aspindir Philboard 0.5
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) W1L3D4_foruma_yeni_konu_ac.asp; the (2) id parameter to (d) W1L3D4_konuoku.asp and (e) W1L3D4_konuya_mesaj_yaz.asp; and the (3) topic parameter to W1L3D4_konuya_mesaj_yaz.asp, different vectors than CVE-2008-1939, CVE-2007-2641, and CVE-2007-0920.
network
low complexity
aspindir CWE-89
7.5
7.5
2008-04-25 CVE-2008-1939 SQL Injection vulnerability in Aspindir Philboard 1.0
Multiple SQL injection vulnerabilities in W1L3D4 Philboard 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) topic parameters to (a) philboard_reply.asp, and the (3) forumid parameter to (b) philboard_newtopic.asp, different vectors than CVE-2007-2641 and CVE-2007-0920.
network
low complexity
aspindir CWE-89
7.5
7.5