EUVD-2010-4776

Malware in sbrugna...

EUVD-2010-4777

Malware in sbrugna...

Cross site request forgery (csrf)

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

CVE-2015-9292

CVE-2015-9292 affects 6kbbs versions 7.1 and 8.0, where a CSRF vulnerability exists in the web interfaces. The flaw allows cross-site requests to be forged via portalchannel_ajax.php (parameters id or code) or admin.php (parameter fileids). The description does not specify affected platforms beyo...

CVE-2015-9292

6kbbs 7.1 and 8.0 allows CSRF via portalchannelajax.php id or code parameter or admin.php fileids parameter...

6kbbs 8.0 Cross Site Scripting

6kbbs v8.0 XSS Cross-site Scripting Security Vulnerabilities Exploit Title: 6kbbs XSS Cross-site Scripting Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest Update: April 02, 2015 Vulnerabilit...

6kbbs 8.0 Cross Site Request Forgery

6kbbs v8.0 Multiple CSRF Cross-Site Request Forgery Security Vulnerabilities Exploit Title: 6kbbs Multiple CSRF Cross-Site Request Forgery Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 02, 2015 Latest...

6kbbs 8.0 SQL Injection

6kbbs v8.0 SQL Injection Security Vulnerabilities Exploit Title: 6kbbs Multiple SQL Injection Security Vulnerabilities Vendor: 6kbbs Product: 6kbbs Vulnerable Versions: v7.1 v8.0 Tested Version: v7.1 v8.0 Advisory Publication: April 01, 2015 Latest Update: April 01, 2015 Vulnerability Type:...

6kbbs Multiple Vulnerabilities

No description provided by source. Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable...

6kbbs 8.0 ajaxmember.php 权限提升漏洞

No description provided by source...

6kbbs Cross Site Request Forgery / Cross Site Scripting

Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable file: /admin/userajax.php detail:...

6kbbs - Multiple Vulnerabilities

6kbbs - Multiple Vulnerabilities Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable...

6KBBS 8.0 build 20101201 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/50050/info 6KBBS is prone to multiple cross-site scripting and information-disclosure vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain potentially sensitive information and to execu...

6kbbs - Multiple Vulnerabilities

Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery getshell vulnerable file: /admin/userajax.php detail:...

6kbbs Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: 6kbbs Multiple Vulnerabilities Google Dork: Powered by 6kbbs V8.0 Date: 2011/10/5 Author: insight-labs Software Link: http://www.6kbbs.net/ Version: 6KBBS v8.0 build 20101201 Tested on: linux+apache 1.Cross-site request forgery...

Sql injection

Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the 1 tids parameter to ajaxadmin.php and the 2 msgids parameter to ajaxmember.php...

CVE-2010-4812

Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the 1 tids parameter to ajaxadmin.php and the 2 msgids parameter to ajaxmember.php...

CVE-2010-4811

Multiple cross-site scripting XSS vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the 1 usermsn, 2 useremail, and 3 userphone parameters in a modifyDetails action...

CVE-2010-4811

Multiple cross-site scripting XSS vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 allow remote attackers to inject arbitrary web script or HTML via the 1 usermsn, 2 useremail, and 3 userphone parameters in a modifyDetails action...

CVE-2010-4812

Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute arbitrary SQL commands via the 1 tids parameter to ajaxadmin.php and the 2 msgids parameter to ajaxmember.php...