Vulnerabilities > SIR > Gnuboard > 3.37
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-11-04 | CVE-2011-4066 | SQL Injection vulnerability in SIR Gnuboard SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. | 7.5 |
2004-12-31 | CVE-2004-1403 | Remote File Include vulnerability in SIR GNUBoard PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code. | 7.5 |