Lucene search
K
GravityboardxGravity Board X

4 matches found

CVE
CVE
added 2009/04/09 4:0 p.m.59 views

CVE-2009-1277

CVE-2009-1277 concerns Gravity Board X (GBX) 2.0 Beta. The vulnerability is a SQL injection in index.php via the member_id parameter in a viewprofile action, enabling remote attackers to execute arbitrary SQL commands. The entry notes that a separate board_id issue is covered by CVE-2008-2996. Co...

7.5CVSS8.3AI score0.00975EPSS
CVE
CVE
added 2008/07/03 5:47 p.m.48 views

CVE-2008-2996

GBX 2.0 Beta (Gravity Board X) has multiple SQL injection vulnerabilities in index.php. Specifically, two parameters are exploitable: searchquery in getsearch and board_id in viewboard, and these issues occur when magic_quotes_gpc is disabled. The CVE-2008-2996 entry documents remote execution of...

6.8CVSS8.4AI score0.00916EPSS
CVE
CVE
added 2009/04/09 4:0 p.m.45 views

CVE-2009-1278

Gravity Board X (GBX) 2.0 BETA has a static code injection in forms/ajax/configure.php that allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. Affected: GBX 2.0 BETA; vulnerable file: forms/ajax/configure.php. Root cause: configuration work...

7.5CVSS7.5AI score0.02312EPSS
Web
CVE
CVE
added 2008/07/03 5:47 p.m.43 views

CVE-2008-2997

CVE-2008-2997 : XSS vulnerability in Gravity Board X (GBX) 2.0 Beta. In GBX’s index.php, the subject parameter in the postnewsubmit (create new thread) action can be exploited to inject arbitrary script/HTML. This remote vector could affect users who submit a thread, with the impact described as ...

4.3CVSS5.7AI score0.01445EPSS