QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-2996

Back to search

CVE-2008-2996

Published: Jul 3, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in index.php in Gravity Board X (GBX) 2.0 Beta, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchquery parameter in a getsearch action, and the (2) board_id parameter in a viewboard action.

VendorProductVersions

n/a

n/a

affected
n/a

References

gbx-index-sql-injection(43022)
vdb-entry
x_refsource_XF
29685
vdb-entry
x_refsource_BID
5791
exploit
x_refsource_EXPLOIT-DB
3970
third-party-advisory
x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now