EUVD-2010-4777

Malware in sbrugna...

EUVD-2010-4776

Malware in sbrugna...

Cross site request forgery (csrf)

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

CVE-2015-9292

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

CVE-2015-9292

CVE-2015-9292 affects 6kbbs versions 7.1 and 8.0, where a CSRF vulnerability exists in the web interfaces. The flaw allows cross-site requests to be forged via portalchannel_ajax.php (parameters id or code) or admin.php (parameter fileids). The description does not specify affected platforms beyo...

6kbbs 8.0 Cross Site Request Forgery

6kbbs v8.0 Multiple CSRF Cross-Site Request Forgery Security Vulnerabilities Exploit Title: 6kbbs Multiple CSRF Cross-Site Request Forgery Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest...

6kbbs 8.0 Cross Site Scripting

6kbbs v8.0 XSS Cross-site Scripting Security Vulnerabilities Exploit Title: 6kbbs XSS Cross-site Scripting Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest Update: April 02, 2015 Vulnerabilit...

6kbbs 8.0 SQL Injection

6kbbs v8.0 SQL Injection Security Vulnerabilities Exploit Title: 6kbbs Multiple SQL Injection Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 01, 2015 Latest Update: April 01, 2015 Vulnerability Type:...

6kbbs Multiple Vulnerabilities

No description provided by source. Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable...

6kbbs 8.0 ajaxmember.php 权限提升漏洞

No description provided by source...

6kbbs Cross Site Request Forgery / Cross Site Scripting

Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable file: /admin/userajax.php detail:...

6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/50050/info 6KBBS is prone to multiple cross-site scripting and information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive information and to execu...

6kbbs - Multiple Vulnerabilities

6kbbs - Multiple Vulnerabilities Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable...

6kbbs - Multiple Vulnerabilities

Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable file: /admin/userajax.php detail:...

6kbbs Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery...

CVE-2010-4812

Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the 1 tids parameter to ajaxadmin.php and the 2 msgids parameter to ajaxmember.php...

Sql injection

Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the 1 tids parameter to ajaxadmin.php and the 2 msgids parameter to ajaxmember.php...

CVE-2010-4811

Multiple cross-site scripting XSS vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the 1 usermsn, 2 useremail, and 3 userphone parameters in a modifyDetails action...

CVE-2010-4811

CVE-2010-4811 concerns multiple cross-site scripting (XSS) vulnerabilities in the 6kbbs 8.0 build 20100901 package, specifically in ajaxmember.php. The flaws allow remote attackers to inject arbitrary web script or HTML by manipulating the parameters user[msn], user[email], and user[phone] in a m...

CVE-2010-4812

The CVE-2010-4812 entry describes multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901. The affected components are the web application’s ajaxadmin.php (parameter tids[]) and ajaxmember.php (parameter msgids[]). The underlying issue is that user-supplied input is used to construct S...