Vulnerabilities > Xchangeboard > Xchangeboard > 1.70
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-25 | CVE-2006-5488 | SQL Injection vulnerability in Xchangeboard 1.70 SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginNick parameter during login. | 7.5 |