Vulnerabilities > Phpbp

DATE	CVE	VULNERABILITY TITLE	RISK
2007-01-19	CVE-2007-0370	SQL-Injection vulnerability in PHPbp Rc32.204 Unrestricted file upload vulnerability in index.php in phpBP RC3 (2.204) and earlier allows remote administrators to inject arbitrary PHP code into an upload/banners/ file via a banners add operation that uploads the PHP code through an image_form parameter specifying a multiple-extension filename such as .jpg.vil.gif.php, which is stored in upload/banners/ under a different name, and executable via a direct request. network low complexity phpbp	7.5
2007-01-19	CVE-2007-0369	SQL-Injection vulnerability in PHPbp Rc32.204 SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment forum. network low complexity phpbp	7.5

Vulnerabilities > Phpbp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpbp"}]}