Multiple SQL injection vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) topic or (2) id parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| harold_bakker | hb-ns | 1.1.6 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) poster_name, (2) poster_email, (3) poster_homepage, or (4) message parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| harold_bakker | hb-ns | 1.1.6 |