2 matches found
CVE-2007-3051
CVE-2007-3051 describes a SQL injection vulnerability in RevokeSoft RevokeBB 1.0 RC4 and earlier, exploitable via the revokebb_user cookie in inc/class_users.php. The issue allows remote attackers to execute arbitrary SQL commands, with the impact described as partial confidentiality/integrity/av...
CVE-2008-2778
CVE-2008-2778 describes a SQL injection vulnerability in the RevokeBB 1.0 RC11 Search System, specifically in the file inc/class_search.php . The vulnerability allows remote attackers to send a crafted value to the search parameter and cause the application to execute arbitrary SQL commands. The ...