2 matches found
CVE-2008-2561
The CVE-2008-2561 entry documents multiple cross-site scripting (XSS) vulnerabilities in 427BB version 2.3.1. The flaws allow remote attackers to inject arbitrary script/HTML via these vectors: PATH_INFO to register.php, reminder.php, and search.php; the uname, email, and email2 parameters to reg...
CVE-2008-2560
The CVE-2008-2560 entry describes an SQL injection vulnerability in showpost.php for 427BB 2.3.1 . The flaw allows remote attackers to manipulate the database by injecting via the post parameter, potentially leading to arbitrary SQL execution and data exposure or compromise as stated. No concrete...