Vulnerabilities > Pbboard
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-05 | CVE-2014-9215 | SQL Injection vulnerability in Pbboard 2.1.4/3.0.1 SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 before 20141128 allows remote attackers to execute arbitrary SQL commands via the email parameter in the register page to index.php. | 7.5 |
2012-02-21 | CVE-2012-1216 | Cross-Site Request Forgery (CSRF) vulnerability in Pbboard 2.1.4 Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that (1) upload a file via an add action or (2) change the contents of a file via a dit action. | 6.8 |