Vulnerabilities > Connectix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-31 | CVE-2008-0502 | Code Injection vulnerability in Connectix Boards 0.8.1 PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter. | 7.5 |
2007-03-03 | CVE-2007-1255 | SQL-Injection vulnerability in Connectix Boards Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. network connectix | 6.0 |
2007-03-03 | CVE-2007-1254 | SQL-Injection vulnerability in Connectix Boards SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php. | 6.5 |