CVE-2006-0154

The CVE-2006-0154 issue affects the 427BB software (versions 2.2 and 2.2.1) in the showthread.php component, where the ForumID parameter causes a SQL injection vulnerability. The root cause is an unvalidated input path in the showthread.php handler, allowing remote attackers to execute arbitrary ...

CVE-2006-0155

Cross-site scripting XSS vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI...

CVE-2006-0155

CVE-2006-0155 describes a cross-site scripting (XSS) flaw in the 427BB web app, specifically in posts.php across versions 2.2 and 2.2.1. The issue arises when a user submits a new message that uses a url BBCode tag containing a javascript URI, allowing remote attackers to inject arbitrary JavaScr...

CVE-2005-0629

The CVE-2005-0629 issue concerns multiple XSS vulnerabilities in profile.php of 427BB 2.2. The vulnerability is triggered by the (1) user or (2) Avatar parameters, allowing remote attackers to inject arbitrary web script or HTML. The NVD entry documents a MEDIUM severity (CVSS v2: AV:N/AC:M/Au:N/...