3 matches found
CVE-2008-3710
CVE-2008-3710 relates to CyBoards PHP Lite 1.21, where multiple directory traversal flaws allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to options.php and the (2) lang_code parameter to copy_vip.php and proce...
CVE-2008-3707
CVE-2008-3707 describes multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite (versions around 1.21/1.25) that allow an attacker to execute arbitrary PHP code by supplying a malicious URL in the script_path parameter to a long list of scripts (e.g., flat_read.php, post.php, proc...
CVE-2008-3709
CVE-2008-3709 describes multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Lite 1.21. The issue allows remote attackers to inject arbitrary web script or HTML via parameters in options.php (lOptionsOptions, lNavAdminOptions) or subscribe.php (lNavReturn). The connected records co...