2020

CVE-2020-12766 (v3: 9.8) 9 May 2020
Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.

2019

2018

2017

2016

2015

CVE-2015-6516 (v2: 6.5) 18 Aug 2015
SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter to ajax/ajax_search.php.

2014

CVE-2014-2339 (v2: 6.5) 19 Mar 2014
Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter.

2013

2012

2011

CVE-2011-4066 (v2: 7.5) 4 Nov 2011
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.