4 matches found
CVE-2008-4334
PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1...
CVE-2008-4332
CVE-2008-4332 affects PHP infoBoard V.7 Plus. The vulnerability is an SQL injection in the showjavatopic function (func.php) that allows an attacker to manipulate SQL via the idcat parameter to showtopic.php. This could enable arbitrary SQL execution, depending on the database permissions. The co...
CVE-2008-4333
Cross-site scripting XSS vulnerability in PHP infoBoard V.7 Plus allows remote attackers to inject arbitrary web script or HTML via the isname parameter in a newtopic action...
CVE-2008-4332
SQL injection vulnerability in the showjavatopic function in func.php in PHP infoBoard V.7 Plus allows remote attackers to execute arbitrary SQL commands via the idcat parameter to showtopic.php...