CVE-2011-4066 | SynScan

Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2011-4066

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.

Published: Nov 4, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4066
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
sir / gnuboard	3.37	3.37.x
sir / gnuboard	3.31	3.31.x
sir / gnuboard	3.40	3.40.x
sir / gnuboard	3.32	3.32.x
sir / gnuboard	3.39	3.39.x
sir / gnuboard	3.38	3.38.x
sir / gnuboard	-	4.33.02.x
sir / gnuboard	4.31.03	4.31.03.x
sir / gnuboard	3.34	3.34.x
sir / gnuboard	3.35	3.35.x
sir / gnuboard	3.33	3.33.x
sir / gnuboard	3.30	3.30.x
sir / gnuboard	3.36	3.36.x