PHP Infoboard
by Cannot
CVEs (3)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-4334 | 0.03 | — | 0.02 | Sep 30, 2008 | PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1. | ||
| CVE-2008-4333 | 0.03 | — | 0.03 | Sep 30, 2008 | Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the isname parameter in a newtopic action. | ||
| CVE-2008-4332 | 0.03 | — | 0.00 | Sep 30, 2008 | SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php. |
- CVE-2008-4334Sep 30, 2008risk 0.03cvss —epss 0.02
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1.
- CVE-2008-4333Sep 30, 2008risk 0.03cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the isname parameter in a newtopic action.
- CVE-2008-4332Sep 30, 2008risk 0.03cvss —epss 0.00
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php.