Vulnerabilities > Babbleboard
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-06 | CVE-2008-6906 | Cross-Site Scripting vulnerability in Babbleboard 1.1.6 Cross-site scripting (XSS) vulnerability in index.php in BabbleBoard 1.1.6 allows remote attackers to inject arbitrary web script or HTML via the username. | 4.3 |
2009-08-06 | CVE-2008-6905 | Cross-Site Request Forgery (CSRF) vulnerability in Babbleboard 1.1.6 Cross-site request forgery (CSRF) vulnerability in index.php in BabbleBoard 1.1.6 allows remote authenticated users to hijack the authentication of administrators for requests that delete (1) categories or (2) groups; (3) ban users; or (4) delete users via the admin page. | 6.0 |