CyberSec.Space Logo
Back to CVE Browser

CVE-2007-1254

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1950%
EPSS Percentile2.20th
PublishedMar 3, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.

Affected Platforms (CPE)

πŸ“¦
Connectix

Connectix Boards

= 0.4
πŸ“¦
Connectix

Connectix Boards

= 0.4.1
πŸ“¦
Connectix

Connectix Boards

= 0.4.2
πŸ“¦
Connectix

Connectix Boards

= 0.4.3
πŸ“¦
Connectix

Connectix Boards

= 0.4.4
πŸ“¦
Connectix

Connectix Boards

= 0.5
πŸ“¦
Connectix

Connectix Boards

= 0.5.1
πŸ“¦
Connectix

Connectix Boards

= 0.5.2
πŸ“¦
Connectix

Connectix Boards

= 0.5.3
πŸ“¦
Connectix

Connectix Boards

= 0.5.4
πŸ“¦
Connectix

Connectix Boards

= 0.5.5
πŸ“¦
Connectix

Connectix Boards

= 0.6
πŸ“¦
Connectix

Connectix Boards

= 0.6.1
πŸ“¦
Connectix

Connectix Boards

= 0.7

References & Advisories

πŸ”— http://osvdb.org/33537
πŸ”— http://secunia.com/advisories/24255
πŸ”— http://securityreason.com/securityalert/2364
πŸ”— http://www.securityfocus.com/archive/1/460947/100/0/threaded
πŸ”— https://www.exploit-db.com/exploits/3352
πŸ”— http://osvdb.org/33537
πŸ”— http://secunia.com/advisories/24255
πŸ”— http://securityreason.com/securityalert/2364

Related Vulnerabilities

CVE-2008-05027.5

PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows re...

CVE-2007-12556.0

Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated adminis...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...

CVE-2007-140810.0

Multiple vulnerabilities in (1) bank.php, (2) landfill.php, (3) outposts.php, (4) tribes.php, (5) house.php, (6) tribearmor.php, (...