SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID...
8.8AI Score
0.001EPSS
SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginNick parameter during login. NOTE: the provenance of this information is unknown; the details are obtained from third...
9.1AI Score
0.003EPSS
Multiple SQL injection vulnerabilities in the checkUser function in inc/DBInterface.php in XchangeBoard 1.70 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userNick or (2) password parameters. NOTE: the provenance of this...
9.4AI Score
0.001EPSS