haZl0oh

1 exploit Active since Jul 2008
CVE-2008-3035 EXPLOITDB text WORKING POC
xchangeboard < 1.70 - Authenticated SQL Injection via newThread.php boardID Parameter
SQL injection vulnerability in newThread.php in XchangeBoard 1.70 Final and earlier allows remote authenticated users to execute arbitrary SQL commands via the boardID parameter.