Description
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
Exploits (1)
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/50173
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/70686
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026197
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/17992
Scores
EPSS
0.0077
EPSS Percentile
73.7%
Details
CWE
CWE-89
Status
published
Products (13)
sir/gnuboard
3.30
sir/gnuboard
3.31
sir/gnuboard
3.32
sir/gnuboard
3.33
sir/gnuboard
3.34
sir/gnuboard
3.35
sir/gnuboard
3.36
sir/gnuboard
3.37
sir/gnuboard
3.38
sir/gnuboard
3.39
... and 3 more
Published
Nov 04, 2011
Tracked Since
Feb 18, 2026