Vulnerabilities (CVE)

Filtered by vendor Stewart Howe Subscribe
Filtered by product Celerbb
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0853 1 Stewart Howe 1 Celerbb 2024-11-21 6.8 MEDIUM N/A
login.php in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allows remote attackers to bypass authentication and obtain administrative access via special characters in the Username parameter, as demonstrated by an admin'# parameter value.
CVE-2009-0852 1 Stewart Howe 1 Celerbb 2024-11-21 5.0 MEDIUM N/A
showme.php in CelerBB 0.0.2 allows remote attackers to obtain "reserved information" via the user parameter.
CVE-2009-0851 1 Stewart Howe 1 Celerbb 2024-11-21 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewforum.php and (2) viewtopic.php.