E-market Security Vulnerabilities

CVE-2009-3152

Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view...

CVE-2007-3934

PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote attackers to execute arbitrary PHP code via a URL in the p_mode...