Vulnerabilities > Phpbb Group > Phpbb Auction > High

DATE CVE VULNERABILITY TITLE RISK
2006-07-31 CVE-2006-3940 SQL Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M/1.3M
Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php.
network
low complexity
phpbb-group
7.5
7.5