GoLd_M = [Mahmood_ali]

2 exploits Active since Jul 2007
CVE-2007-3589 EXPLOITDB text WORKING POC
b1gbb 2.24.0 - SQL Injection via id Parameter
Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) showthread.php or (2) showboard.php.
CVE-2007-3590 EXPLOITDB text WORKING POC
b1gBB 2.24.0 - Cross-Site Scripting via User Parameter
Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter.