Vulnerabilities > SIR > Gnuboard > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-04-11 CVE-2022-1252 Use of a Broken or Risky Cryptographic Algorithm vulnerability in SIR Gnuboard
Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5.
network
low complexity
sir CWE-327
critical
9.1
2021-06-24 CVE-2020-18662 SQL Injection vulnerability in SIR Gnuboard
SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php.
network
low complexity
sir CWE-89
critical
9.8
2005-05-02 CVE-2005-0269 Improper Handling of Case Sensitivity vulnerability in SIR Gnuboard 3.40
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
network
low complexity
sir CWE-178
critical
9.8