EUVD-2006-0162

Malware in sbrugna...

EUVD-2006-0163

Malware in sbrugna...

427BB 2.x Multiple Remote HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in dynamically generated...

427BB 2.2 Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16178/info 427BB is prone to an authentication bypass vulnerability. This issue is due to a failure in the application to properly validate user-supplied data. An attacker can exploit this issue to bypass the authenticati...

427BB 2.2 Showthread.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16169/info 427BB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result...

427BB 2.3.2 - SQL Injection

427BB 2.3.2 - SQL Injection Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Download Script : http://sourceforge.net/projects/fourtwosevenbb/files/ 3rr0r: ./fourtwosevenbb-2.3.2/showpost.php PoC : http://server/path/showpost.php?ForumID=1&post=SQL...

427BB Fourtwosevenbb <= 2.3.2 SQL Injection Exploit

No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Download Script : http://sourceforge.net/projects/fourtwosevenbb/files/ 3rr0r: ./fourtwosevenbb-2.3.2/showpost.php ?php line 118: $sql = "SELECT ID, UserName, Post, UTime, IP, InReplyTo, ThreadID From " . $tprefix...

CVE-2008-2560

SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter...

CVE-2008-2560

SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter...

CVE-2008-2560

The CVE-2008-2560 entry describes an SQL injection vulnerability in showpost.php for 427BB 2.3.1 . The flaw allows remote attackers to manipulate the database by injecting via the post parameter, potentially leading to arbitrary SQL execution and data exposure or compromise as stated. No concrete...

CVE-2008-2561

Multiple cross-site scripting XSS vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to a register.php, b reminder.php, and c search.php; the 2 uname, 3 email, and 4 email2 parameters to register.php; the 5 email parameter to...

CVE-2008-2561

The CVE-2008-2561 entry documents multiple cross-site scripting (XSS) vulnerabilities in 427BB version 2.3.1. The flaws allow remote attackers to inject arbitrary script/HTML via these vectors: PATH_INFO to register.php, reminder.php, and search.php; the uname, email, and email2 parameters to reg...

427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ===================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. ============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground...

426bb-sqlxss.txt

============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

427bb 2.3.1 - SQL Injection Cross-Site Scripting

427bb 2.3.1 - SQL Injection Cross-Site Scripting ============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

CVE-2006-0153

427BB 2.2 and 2.2.1 verifies authentication credentials based on the username, authenticated, and usertype cookies, which allows remote attackers to bypass authentication by using a valid username and usertype and setting the authenticated cookie...

CVE-2006-0154

The CVE-2006-0154 issue affects the 427BB software (versions 2.2 and 2.2.1) in the showthread.php component, where the ForumID parameter causes a SQL injection vulnerability. The root cause is an unvalidated input path in the showthread.php handler, allowing remote attackers to execute arbitrary ...

CVE-2006-0153

CVE-2006-0153 affects 427BB Fourtwosevenbb (versions 2.2 and 2.2.1) where authentication credentials are verified using username, authenticated, and usertype cookies. The vulnerability allows remote attackers to bypass authentication by crafting a valid username and usertype and setting the authe...

CVE-2006-0155

Cross-site scripting XSS vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI...