cpe:/a:porar:webboard CVE-2008-1039 2008-02-27T14:44:00.000-05:00 2017-09-28T21:30:31.457-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-02-27T15:17:00.000-05:00 ALLOWS_USER_ACCESS BID 27989 SECUNIA 29102 EXPLOIT-DB 5185 XF porar-question-sql-injection(40839) SQL injection vulnerability in question.asp in PORAR WEBBOARD allows remote attackers to execute arbitrary SQL commands via the QID parameter.