GNUBOARD5 SQL Injection Vulnerability

GNUBOARD5 is a Web forum system based on PHP and MySQL. A SQL injection vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct SQL injection attacks via the tableprefix parameter in installdb.php...

CVE-2005-1636

mysqlinstalldb in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysqlinstalldb.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents...