cve/2008/CVE-2008-5578.md

### [CVE-2008-5578](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5578)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via (1) the f parameter in a showforum action, (2) the u parameter in a profile action, (3) the viewcat parameter, or (4) a combination of scb_uid and scb_ident cookie values.

### POC

#### Reference
- http://securityreason.com/securityalert/4739
- https://www.exploit-db.com/exploits/5149

#### Github
No PoCs found on GitHub currently.