SQL injection vulnerability in index.php in IceBB 1.0-rc9.3 and earlier allows remote attackers to execute arbitrary SQL commands via the skin parameter, probably related to an incorrect protection mechanism in the clean_string function in includes/functions.php.

| Software | From | Fixed in |
|---|---|---|
| icebb / icebb | 0.9.2 | 0.9.2.x |
| icebb / icebb | 1.0-rc8 | 1.0-rc8.x |
| icebb / icebb | 1.0-rc9.1 | 1.0-rc9.1.x |
| icebb / icebb | 0.9-rc1 | 0.9-rc1.x |
| icebb / icebb | 0.9.2.1 | 0.9.2.1.x |
| icebb / icebb | 1.0-rc6 | 1.0-rc6.x |
| icebb / icebb | - | 1.0.x |
| icebb / icebb | 0.9.3.1 | 0.9.3.1.x |
| icebb / icebb | 1.0-rc7 | 1.0-rc7.x |
| icebb / icebb | 0.9.3 | 0.9.3.x |
| icebb / icebb | 0.9.1 | 0.9.1.x |
| icebb / icebb | 1.0-rc9.2 | 1.0-rc9.2.x |
| icebb / icebb | 1.0-rc9 | 1.0-rc9.x |
| icebb / icebb | 1.0-rc5.1 | 1.0-rc5.1.x |
| icebb / icebb | 1.0-rc5 | 1.0-rc5.x |