82 matches found
CVE-2021-47954
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...
CVE-2021-47954 LayerBB 1.1.4 SQL Injection via search_query Parameter
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...
CVE-2021-47954 LayerBB 1.1.4 SQL Injection via search_query Parameter
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...
EUVD-2021-34841
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...
CVE-2021-47954
LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the searchquery parameter. Attackers can send POST requests to /search.php with malicious searchquery values using CASE WHEN statements to extra...
CVE-2021-47954
LayerBB 1.1.4 contains an unauthenticated SQL injection vulnerability in the search_query parameter. An attacker can send POST requests to /search.php with crafted search_query values (e.g., using CASE WHEN statements) to manipulate queries and extract sensitive database information. No remediati...
PT-2026-41451
Name of the Vulnerable Software and Affected Versions LayerBB version 1.1.4 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending POST requests to the '/search.php' endpoint using malicious values in the...
LayerBB SQL注入漏洞
LayerBB is a set of small-scale forum software. Version 1.1.4 of LayerBB contains an SQL injection vulnerability. This vulnerability stems from SQL injection issues, which may allow unauthenticated attackers to inject SQL code through the searchquery parameter, thereby manipulating database queri...
CVE-2019-16531
LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by changing the System Settings via admin/general.php...
EUVD-2019-5235
Malware in sbrugna...
EUVD-2019-7205
Malware in sbrugna...
EUVD-2019-5236
Malware in sbrugna...
EUVD-2019-5234
Malware in sbrugna...
EUVD-2018-9735
Malware in sbrugna...
EUVD-2018-9736
Malware in sbrugna...
EUVD-2018-9727
Malware in sbrugna...
CVE-2019-13972
LayerBB 1.1.3 allows XSS via the application/commands/new.php pmtitle variable, a related issue to CVE-2019-17997...
CVE-2019-13973
LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the customlogo filename suffix is not restricted, and .php may be used...
CVE-2019-13974
LayerBB 1.1.3 allows conversations.php/cmd/new CSRF...
CVE-2018-17997
LayerBB 1.1.1 allows XSS via the titles of conversations PMs...