CVE-2006-7188

The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info'forum' variable...

CVE-2006-7188

The CVE-2006-7188 entry concerns WebAPP by web-app.net. Affected component: the search.pl in cgi-lib/user-lib. Before 20060909, remote attackers could read internal forum posts by crafting certain requests, with the issue possibly tied to the $info{'forum'} variable. The provided sources confirm ...

CVE-2006-7188

The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info'forum' variable...

Old-fashioned fruit machines to dig division techniques-vulnerability warning-the black bar safety net

The first pressure pounds, no matter front there is no people lose money BAR binary 3 7 watermelon bells papaya orange Apple Pressure note amount: 0 0 0 0 2 1 2 8 This pressure of the object is the washing machine, make it into a certain mode, the beginning of such pressure, will not lose many...

CVE-2006-6283

Multiple cross-site scripting XSS vulnerabilities in Vikingboard 0.1.2 allow remote attackers to inject arbitrary web script or HTML via the subject field of 1 a private message PM or 2 a bulletin board post...

phpBB User Viewed Posts Tracker模块phpbb_root_path变量远程文件包含漏洞

phpBB是一种用PHP语言实现的基于Web的开放源码论坛程序，使用较为广泛。它支持多种数据库作为后端，如Oracle、MSSQL、MySql、PostGres等等。 phpBB的User Viewed Posts Tracker模块在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 phpBB的User Viewed Posts Tracker模块没有正确地验证phpbbrootpath参数的输入，允许攻击者通过包含本地或外部资源的任意文件导致执行任意PHP代码。漏洞代码如下： includeonce$phpbbrootpath...

Debian DSA-899-1 : egroupware - programming errors

Several vulnerabilities have been discovered in egroupware, a web-based groupware suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripting problems in phpsysinfo, which are also...

phpbbViewed10.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish...

CVE-2006-5223

CVE-2006-5223 : Affected product: Nivisec User Viewed Posts Tracker module for phpBB (version 1.0 and earlier). Vulnerability : PHP remote file inclusion in includes/functions_user_viewed_posts.php via a URL supplied to the phpbb_root_path parameter, enabling remote PHP code execution. Impact : a...

CVE-2006-5223

PHP remote file inclusion vulnerability in includes/functionsuserviewedposts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish...

phpBB User Viewed Posts Tracker <= 1.0 File Include Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability...

phpBB User Viewed Posts Tracker <= 1.0 File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================= phpBB User Viewed Posts Tracker = 1.0 File Include Vulnerability =================================================================...

phpBB User Viewed Posts Tracker 1.0 - Remote File Inclusion

phpBB User Viewed Posts Tracker 1.0 - Remote File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability...

phpBB User Viewed Posts Tracker 1.0 - Remote File Inclusion

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= phpBB User Viewed Posts Tracker Version = 1.0 phpbbrootpath File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by XORONturkish...

CVE-2006-3420

Cross-site request forgery CSRF vulnerability in editpost.php in MyBulletinBoard MyBB before 1.1.5 allows remote attackers to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a deletepost action. NOTE: the...

CVE-2006-3420

Cross-site request forgery CSRF vulnerability in editpost.php in MyBulletinBoard MyBB before 1.1.5 allows remote attackers to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a deletepost action. NOTE: the...

CVE-2006-2773

admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Code injection

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...

CVE-2006-2771

admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter...