CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2008-4766
https://notcve.org/view.php?id=CVE-2008-4766
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inyección SQL en member.php en Oxygen Bulletin Board v1.1.3 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "member". NOTA: el origen de esta información es desconocido. Los detalles han sido obtenidos a partir de terceros. • http://www.securityfocus.com/bid/28651 http://www.securityfocus.com/bid/28651/exploit https://exchange.xforce.ibmcloud.com/vulnerabilities/41703 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2008-2816 – Oxygen 2.0 - 'repquote' SQL Injection
https://notcve.org/view.php?id=CVE-2008-2816
SQL injection vulnerability in post.php in Oxygen (aka O2PHP Bulletin Board) 2.0 allows remote attackers to execute arbitrary SQL commands via the repquote parameter in a reply action, a different vector than CVE-2006-1572. Vulnerabilidad de inyección SQL en post.php de Oxygen (también conocido como O2PHP Bulletin Board) 2.0 permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro repquote en una acción reply, un vector distinto a CVE-2006-1572. • https://www.exploit-db.com/exploits/5828 http://www.securityfocus.com/bid/29729 https://exchange.xforce.ibmcloud.com/vulnerabilities/43113 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2006-6280 – Oxygen 1.1.3 (O2PHP Bulletin Board) - SQL Injection
https://notcve.org/view.php?id=CVE-2006-6280
SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572. Vulnerabilidad de inyección SQL en viewthread.php de Oxygen (O2PHP Bulletin Board) 1.1.3 y anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro pid, un vector distinto de CVE-2006-1572. • https://www.exploit-db.com/exploits/2810 http://acid-root.new.fr/poc/14061118.txt http://securityreason.com/securityalert/1958 http://www.securityfocus.com/archive/1/452009/100/200/threaded http://www.securityfocus.com/bid/21172 https://exchange.xforce.ibmcloud.com/vulnerabilities/30388 •
CVSS: 5.0EPSS: 2%CPEs: 5EXPL: 1CVE-2006-1572 – O2PHP Oxygen 1.0/1.1 - 'post.php' SQL Injection
https://notcve.org/view.php?id=CVE-2006-1572
SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action. • https://www.exploit-db.com/exploits/27535 http://secunia.com/advisories/19481 http://securityreason.com/securityalert/658 http://www.osvdb.org/24287 http://www.securityfocus.com/archive/1/429474/100/0/threaded http://www.securityfocus.com/bid/17324 http://www.vupen.com/english/advisories/2006/1181 https://exchange.xforce.ibmcloud.com/vulnerabilities/25570 •