cbcvebase.
CVE-2007-1254
published 2007-03-03

CVE-2007-1254: SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and…

PriorityP431medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
0.95%
56.6th percentile
SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php.

Affected

14 ranges
VendorProductVersion rangeFixed in
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
connectixconnectix_boards
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.