Vulnerabilities > SIR > Gnuboard > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-11 | CVE-2022-1252 | Unspecified vulnerability in SIR Gnuboard Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. | 9.1 |
2021-06-24 | CVE-2020-18662 | SQL Injection vulnerability in SIR Gnuboard SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php. | 9.8 |
2005-05-02 | CVE-2005-0269 | Improper Handling of Case Sensitivity vulnerability in SIR Gnuboard 3.40 The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters. | 9.8 |