29 matches found
EUVD-2006-2864
Malware in sbrugna...
EUVD-2005-0727
Malware in sbrugna...
CVE-2018-17037
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...
UBBCentral UBB.threads 6.0 Editpost.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported prone to this issue. It i...
FunkBoard 0.66 editpost.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14507/info FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...
CoolForum 0.x Editpost.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18268/info CoolForum is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...
MyBB (editpost.php, posthash) - SQL Injection Vulnerability
No description provided by source. MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = posthash='$posthash' OR ; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a post, edit the 'posthash...
MyBB editpost.php SQL Injection
MyBB...
MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection
MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection MyBB...
MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection
MyBB...
MyBB <1.6.9 (editpost.php, posthash) SQL Injection Vulnerability
Exploit for php platform in category web applications MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = "posthash='$posthash' OR "; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a pos...
CVE-2010-4522
Multiple cross-site scripting XSS vulnerabilities in MyBB aka MyBulletinBoard 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 editpost.php, 2 member.php, and 3 newreply.php...
CVE-2010-4522
MyBB versions 1.4.14 and 1.6.x before 1.6.1 contain multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via editpost.php, member.php, and newreply.php. Root cause is improper input handling in those endpoints leading to stored/reflected input being executed in...
Sql injection
SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...
CVE-2007-4107
SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...
CVE-2007-4107
SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...
CVE-2007-4107
CVE-2007-4107 describes an SQL injection in editpost.php of phpMyForum prior to 4.1.4, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software: phpMyForum (before 4.1.4). The underlying cause is an injection vulnerability in the editpost path. Report...
CVE-2006-3420
CVE-2006-3420 affects MyBulletinBoard (MyBB) prior to version 1.1.5. The issue is a cross-site request forgery (CSRF) in editpost.php that lets an attacker perform actions as a logged-in user, including deleting arbitrary forum posts, by using a bbcode IMG tag with a modified delete parameter in ...
CVE-2006-2951
Multiple cross-site scripting XSS vulnerabilities in Net Portal Dynamic System NPDS 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the 1 Titlesitename or 2 sitename parameter to a header.php, 3 nukeurl parameter to b meta/meta.php, 4 forum parameter to c...
CVE-2006-2951
CVE-2006-2951 concerns multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS)