VYPR

Newbb Plus Module

by Runcms

CVEs (3)

  • CVE-2008-3354Jul 28, 2008
    risk 0.03cvss epss 0.03

    Multiple PHP remote file inclusion vulnerabilities in the Newbb Plus (newbb_plus) module 0.93 in RunCMS 1.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bbPath[path] parameter to votepolls.php and the (2) bbPath[root_theme] parameter to config.php,…

  • CVE-2008-0224Jan 10, 2008
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in index.php in the Newbb_plus 0.92 and earlier module in RunCMS 1.6.1 allows remote attackers to execute arbitrary SQL commands via the Client-Ip parameter.

  • CVE-2007-5535Oct 18, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.