CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

📄 Gnuboard5 5.3.2.8 SQL Injection

Gnuboard5 versions 5.3.2.8 and below suffer from a remote SQL injection vulnerability. Exploit Title: Gnuboard5 = 5.3.2.8 SQL Injection via tableprefix Parameter Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/gnuboard/gnuboard5 Software Link:...

Gnuboard5 5.3.2.8 - SQL Injection

Exploit Title: Gnuboard5 5.3.2.8 - SQL Injection Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/gnuboard/gnuboard5 Software Link: https://github.com/gnuboard/gnuboard5 Version: 5.3.2.8 Tested on: Ubuntu Windows CVE : CVE-2020-18662 PoC: 1 POST /install/installdb.p...

Sql injection

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to SQL Injection via the 'tableprefix' parameter in version 0.9.68 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

CVE-2020-18662

SQL Injection vulnerability in gnuboard5 =v5.3.2.8 via the tableprefix parameter in installdb.php...

CVE-2006-4877

Variable overwrite vulnerability in David Bennett PHP-Post PHPp 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the tableprefix parameter in 1 index.php, 2 profile.php, and 3 header.php...