VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 4, 2011· Updated Apr 29, 2026

CVE-2011-4066

CVE-2011-4066

Description

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.

Affected products

13
  • Sir/Gnuboard13 versions
    cpe:2.3:a:sir:gnuboard:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:sir:gnuboard:*:*:*:*:*:*:*:*range: <=4.33.02
    • cpe:2.3:a:sir:gnuboard:3.30:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.31:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.32:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.33:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.34:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.35:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.36:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.37:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.38:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.39:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:3.40:*:*:*:*:*:*:*
    • cpe:2.3:a:sir:gnuboard:4.31.03:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.