2 matches found
CVE-2006-2050
SQL injection vulnerability in dcboard.cgi in DCScripts DCForumLite 3.0 allows remote attackers to execute arbitrary SQL commands via the az parameter...
CVE-2006-2049
CVE-2006-2049 is a cross-site scripting (XSS) vulnerability in DCScripts DCForumLite 3.0, specifically in the dcboard.cgi handler where the az parameter can be crafted to inject arbitrary web script or HTML. The vulnerability enables remote attackers to inject scripts in victims’ browsers, with t...