Vulnerabilities > Aves > RPG Board

DATE CVE VULNERABILITY TITLE RISK
2009-08-21 CVE-2008-7028 Improper Authentication vulnerability in Aves RPG Board 0.0.8/0.8
RPG.Board 0.8 Beta2 and earlier allows remote attackers to bypass authentication and gain privileges by setting the keep4u cookie to a certain value.
network
low complexity
aves CWE-287
7.5
7.5
2008-10-24 CVE-2008-4736 SQL Injection vulnerability in Aves RPG Board 0.0.8/0.8
SQL injection vulnerability in index.php in RPG.Board 0.8 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the showtopic parameter.
network
low complexity
aves CWE-89
7.5
7.5