212 matches found
Simple Message Board 2.0 beta1 Thread.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14268/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
Easy Message Board Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13551/info Easy Message Board is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root...
Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17224/info MySQL Based Message Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful...
Liferay Enterprise Portal 1.x/2.x/5.0.2 - Multiple XSS Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10402/info It has been reported that Liferay Enterprise Portal is susceptible to multiple cross-site scripting and HTML injection vulnerabilities. User-supplied data from many input fields is included in server generated...
PHPOutsourcing Zorum 3.4 Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8396/info A vulnerability has been reported in Zorum message board software that allows a remote attacker to send a malformed HTTP request resulting in a disclosure of the installation path. This issue may allow an attack...
FreezingCold Broadboard search.asp SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in ...
Messagerie 1.0 Arbitrary User Removal DoS Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4635/info Messagerie is a web message board application maintained by La Basse. An issue has been discovered in Messagerie, which could allow an attacker to delete arbitrary user accounts. Reportedly, submitting a special...
Simple Message Board 2.0 beta1 Forum.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14266/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
Simple Message Board 2.0 beta1 Search.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14269/info A cross-site scripting vulnerability affects Simple Message Board. This issue is due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitra...
FCMS_2.7.2 cms and earlier multiple stored XSS Vulnerability
No description provided by source. FCMS2.7.2 cms and earlier multiple stored XSS Vulnerability =================================================================================== Exploit Title: FCMS2.7.2 cms multiple stored XSS Vulnerability Download link...
Easy Message Board Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13555/info Easy Message Board is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...
FreezingCold Broadboard profile.asp SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in ...
Go Smart Inc GoSmart Message Board Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11361/info GoSmart Message Board is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting and SQL injection attacks. The cause of these iss...
Maccms V8 XSS可打后台 #3
简要描述: 刚发了个后台getshell,但是屌丝的攻城狮要怎么进入后台呢?XSS呀 本应该两个洞一起发的,xss+后台getshell=getshell,手快发早了,只好再找个其它的接口来充数了 详细说明: 在留言板本处 插入即可 打后台 漏洞证明: 结合后台漏洞攻击: 1. 后台任意文件删除,可删除install.lock导致重装 接口 http://localhost/maccms8/admin/?m=extend-picdel post参数: fname%5B%5D=..%2Fupload%2Fart%2F..%5C%5C..%5C%5C\inc\install.lock 2...
Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities
Document Title: =============== Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=960 Release Date: ============= 2013-05-31 Vulnerability Laboratory ID VL-ID: ====================================...
eXtreme Message Board 1.9.11 Cross Site Request Forgery
Date: Thu 15 Jul 2010 12:08:07 PM EEST Vendor: http://www.xmbforum.com/ Download: http://www.xmbforum.com/download/XMB-1.9.11.09.zip --- -= CSRF PoC 1 - Change Admin Password =- -= Method 1 - editprofile.php =- eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities - Change Admin Password -=...
eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities
eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Thu 15 Jul 2010 12:08:07 PM EEST Vendor: http://www.xmbforum.com/ Download: http://www.xmbforum.com/download/XMB-1.9.11.09.zip --- -= CSRF PoC 1 - Change Admin Password =- -= Method 1 - editprofile.php =-...
eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities
Exploit for php platform in category web applications ========================================================== eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities ========================================================== The vulnerable application can be downloaded from:...
eXtreme Message Board 1.9.11 - Multiple Cross-Site Request Forgery Vulnerabilities
Date: Thu 15 Jul 2010 12:08:07 PM EEST Vendor: http://www.xmbforum.com/ Download: http://www.xmbforum.com/download/XMB-1.9.11.09.zip --- -= CSRF PoC 1 - Change Admin Password =- -= Method 1 - editprofile.php =- eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities - Change Admin Password -=...
Sound uniform to PHP message Board XSS vulnerability-vulnerability warning-the black bar safety net
Version: sound uniform to PHP message Board v2010. 1 Vulnerability reason not to input content filtering ------------------------------------------------------------ the includeonce"conn.php"; ifisset$GET'action' $content=$POST'content'; //the input content is not filtered $tel=$POST'tel';...