VYPR

Scssboard

by Scssboard

CVEs (6)

  • CVE-2008-5578Dec 15, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a…

  • CVE-2008-5577Dec 15, 2008
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the inc_function parameter.

  • CVE-2008-5576Dec 15, 2008
    risk 0.03cvss epss 0.03

    admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the current_user[users_level] parameter.

  • CVE-2005-3837Nov 26, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.

  • CVE-2005-1069May 2, 2005
    risk 0.00cvss epss 0.02

    Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact, related to "an exploit on the Profile page."

  • CVE-2005-1068May 2, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags.