2026-03-25 13:31:52
INCIBE
PUBLISHED
A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via calls[0][message_ids][] parameter in /supportboard/include/ajax.php endpoint.