CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2007-3052 – PNPHPBB2 < 1.2 - 'index.php' SQL Injection
https://notcve.org/view.php?id=CVE-2007-3052
SQL injection vulnerability in index.php in the PNphpBB2 1.2i and earlier module for PostNuke allows remote attackers to execute arbitrary SQL commands via the c parameter. Vulnerabilidad de inyección SQL en index.php en el módulo PNphpBB2 1.2i y anteriores para PostNuke permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro c. • https://www.exploit-db.com/exploits/4026 http://osvdb.org/35424 http://secunia.com/advisories/25480 http://www.securityfocus.com/bid/24295 http://www.vupen.com/english/advisories/2007/2037 https://exchange.xforce.ibmcloud.com/vulnerabilities/34668 •
CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 2CVE-2006-4968 – PNPHPBB2 < 1.2g - 'phpbb_root_path' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-4968
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad PHP de inclusión remota de archivo en includes/functions_admin.php en PNphpBB 1.2g permite a un atacante remoto ejecutar código PHP de su elección a través de una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2390 http://noc.postnuke.com/frs/download.php/1094/patch_1.2g-1.2i.diff.gz http://securitytracker.com/id?1016912 http://www.securityfocus.com/archive/1/446267/100/0/threaded http://www.securityfocus.com/archive/1/446568/100/0/threaded http://www.securityfocus.com/archive/1/446617 http://www.securityfocus.com/bid/20097 http://www.vupen.com/english/advisories/2006/3671 https://exchange.xforce.ibmcloud.com/vulnerabilities/29014 •