CVE-2008-4666

Deeserver Ultimate Webboard - SQL Injection

Title source: rule

Description

SQL injection vulnerability in webboard.php in Ultimate Webboard 3.00 allows remote attackers to execute arbitrary SQL commands via the Category parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by CWH Underground · textwebappsphp

https://www.exploit-db.com/exploits/6576

View Code ZIP pw:eip

References (4)

Core 4

Core References

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/4467

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/31424

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/6576

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/45469

Scores

EPSS 0.0041

EPSS Percentile 61.6%

Details

CWE

CWE-89

Status published

Products (1)

deeserver/ultimate_webboard 3.00

Published Oct 22, 2008

Tracked Since Feb 18, 2026