📦

simpleboard

Vendor: two_shoes_mambo_factory

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 1 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 7.91% Exploit Prob.

Latest CVE CVE-2008-1077 Feb 29

Security Vulnerability Index

Page 1 / 1

7.5 CVSS

CVE-2008-1077

Exploit Found

SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action.

EPSS: 0.40%

Severity: HIGH

Feb 29, 2008

6.8 CVSS

CVE-2006-3528

RCE Exploit Found

Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) image_upload.php and (2) file_upload.php.

EPSS: 21.61%

Severity: MEDIUM

Jul 12, 2006

6.8 CVSS

CVE-2006-2815

Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable (aka com_simpleboard), as used in Mambo and Joomla!, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in "post ne topic" in the Frontend, (2) the Title (aka Community-Title) field in Simpleboard Configuration in the Backend Admin Panel, and the (3) Name (aka Forum-Title) and (4) Name (aka Category-Title) fields in Simpleboard Administration in the Backend Admin Panel. NOTE: some sources have stated that the sb_authorname parameter is affected, but it is unclear which field is related to it.

EPSS: 1.72%

Severity: MEDIUM

Jun 05, 2006

Displaying 3 of 1 Total Entries

Total 1 Sections