cpe:/a:haudenschilt:battlenet_clan_script:1.5.2 CVE-2008-3556 2008-08-08T15:41:00.000-04:00 2017-08-07T21:31:58.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-11T12:56:00.000-04:00 BUGTRAQ 20080806 MyClan Sql Injection BID 30565 SREASON 4119 XF battlenetclanscript-index-sql-injection(44262) Multiple SQL injection vulnerabilities in index.php in Battle.net Clan Script 1.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) showmember parameter in a members action and the (2) thread parameter in a board action. NOTE: vector 1 might be the same as CVE-2008-2522.