4 matches found
Sql injection
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...
CVE-2008-5192
SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920...
CVE-2008-5192
CVE-2008-5192 concerns a SQL injection vulnerability in forum.asp of W1L3D4 Philboard versions 1.14 and 1.2, exploitable via the forumid parameter. The root cause is an unsafely handled input for forumid that allows arbitrary SQL execution by an attacker. Connected records corroborate the vulnera...
CVE-2008-1939
Concrete details show SQL injection vulnerabilities in W1L3D4 Philboard components across multiple versions (e.g., 0.5, 1.0, 1.14, 1.2) via user-supplied parameters (forumid, id, topic) in various ASP scripts (admin/ paths and forum/ paths). The root cause is improper handling of input leading to...