427bb : Security Vulnerabilities, CVEs, CVSS score >= 5
SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter.
Max CVSS
7.5
EPSS Score
0.97%
Published
2006-01-10
Updated
2018-10-19
427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie.
Max CVSS
7.5
EPSS Score
26.40%
Published
2006-01-10
Updated
2018-10-19
2 vulnerabilities found