31 matches found
CVE-2006-0155
Cross-site scripting XSS vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI...
EV0018.txt
New eVuln Advisory: 427BB Multiple Vulnerabilities Cookie-based Authentication Bypass, SQL Injections, XSS --------------------Summary---------------- Software: 427BB Sowtware's Web Site: http://sourceforge.net/projects/fourtwosevenbb Versions: checked: 2.2 and 2.2.1 Critical Level: Dangerous Typ...
[eVuln] 427BB Multiple Vulnerabilities (Cookie-based Authentication Bypass, SQL Injections, XSS)
New eVuln Advisory: 427BB Multiple Vulnerabilities Cookie-based Authentication Bypass, SQL Injections, XSS --------------------Summary---------------- Software: 427BB Sowtware's Web Site: http://sourceforge.net/projects/fourtwosevenbb Versions: checked: 2.2 and 2.2.1 Critical Level: Dangerous Typ...
[SA18354] 427BB Multiple Vulnerabilities
TITLE: 427BB Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18354 VERIFY ADVISORY: http://secunia.com/advisories/18354/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: 427BB 2.x http://secunia.com/product/4730/...
427BB 2.2 - Authentication Bypass
source: https://www.securityfocus.com/bid/16178/info 427BB is prone to an authentication bypass vulnerability. This issue is due to a failure in the application to properly validate user-supplied data. An attacker can exploit this issue to bypass the authentication mechanism and gain access to th...
CVE-2005-0629
The CVE-2005-0629 issue concerns multiple XSS vulnerabilities in profile.php of 427BB 2.2. The vulnerability is triggered by the (1) user or (2) Avatar parameters, allowing remote attackers to inject arbitrary web script or HTML. The NVD entry documents a MEDIUM severity (CVSS v2: AV:N/AC:M/Au:N/...
HRG006.txt
HRG - Hackerlounge Research Group Release: HRG006 Monday 03/01/05 427BB The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: 427BB Any Version --- General Information: 427BB Is a simple board...
HRG007.txt
HRG - Hackerlounge Research Group Release: HRG007 Monday 03/01/05 427BB The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: 427BB Any Version --- General Information: 427BB Is a simple board...
427BB profile.php XSS vulnerability.
HRG - Hackerlounge Research Group Release: HRG007 Monday 03/01/05 427BB The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: 427BB Any Version --- General Information: 427BB Is a simple board...
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it...
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/12693/info 427BB is reportedly affected by multiple remote HTML injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. The attacker-supplied HT...