Stewart Howe » Celerbb : Security Vulnerabilities, CVEs,
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
Max CVSS
6.8
EPSS Score
0.65%
Published
2009-03-09
Updated
2018-10-10
showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserved information" via the user parameter.
Max CVSS
5.0
EPSS Score
0.39%
Published
2009-03-09
Updated
2018-10-10
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.
Max CVSS
6.8
EPSS Score
0.10%
Published
2009-03-09
Updated
2018-10-10
3 vulnerabilities found