Vulnerabilities > Badongo

DATE CVE VULNERABILITY TITLE RISK
2008-05-28 CVE-2008-2493 Cross-Site Scripting vulnerability in Badongo Campus Bulletin Board 3.4
Cross-site scripting (XSS) vulnerability in post3/Book.asp in Campus Bulletin Board 3.4 allows remote attackers to inject arbitrary web script or HTML via the review parameter.
network
badongo CWE-79
4.3
2008-05-28 CVE-2008-2492 SQL Injection vulnerability in Badongo Campus Bulletin Board 3.4
Multiple SQL injection vulnerabilities in Campus Bulletin Board 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to post3/view.asp and the (2) review parameter to post3/book.asp.
network
low complexity
badongo CWE-89
7.5
2008-05-28 CVE-2008-2479 SQL Injection vulnerability in Badongo PHPfix 2.0
Multiple SQL injection vulnerabilities in phpFix 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) kind parameter to fix/browse.php and the (2) account parameter to auth/00_pass.php.
network
badongo CWE-89
6.8