SQL injection vulnerability in includes/functions/banners-external.php in phpBP 2 RC3 (2.204) FIX 4 allows remote attackers to execute arbitrary SQL commands via the id parameter in a banner_out...
9.3AI Score
0.009EPSS
SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment...
8.7AI Score
0.003EPSS
Unrestricted file upload vulnerability in index.php in phpBP RC3 (2.204) and earlier allows remote administrators to inject arbitrary PHP code into an upload/banners/ file via a banners add operation that uploads the PHP code through an image_form parameter specifying a multiple-extension filename....
8AI Score
0.003EPSS