Vulnerabilities > XMB Forum > XMB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-19 | CVE-2006-0778 | Unspecified vulnerability in XMB Forum XMB Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) $u2u_select array parameter to u2u.inc.php and (2) $val variable (fidpw0 cookie value) in today.php. | 7.5 |
| 2005-08-16 | CVE-2005-2575 | Unspecified vulnerability in XMB Forum XMB 1.9.1 SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows remote attackers to execute arbitrary SQL commands via certain values that are inserted into the $in variable. | 7.5 |
| 2004-12-31 | CVE-2004-0323 | Unspecified vulnerability in XMB Forum XMB 1.8/1.8Sp1/1.8Sp2 Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. | 7.5 |
| 2004-03-26 | CVE-2004-1864 | Unspecified vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php. | 7.5 |