Lucene search
K

5 matches found

CNVD
CNVD
added 2015/07/14 12:0 a.m.4 views

LEMON-S PHP Simple Oekaki BBS Arbitrary File Deletion Vulnerability

LEMON-S PHP Simple Oekaki BBS is a PHP-based electronic bulletin board BBS script. A security vulnerability exists in the index.php script of LEMON-S PHP Simple Oekaki BBS versions prior to 1.21. A remote attacker can exploit the vulnerability to delete arbitrary files with the help of the...

6.4CVSS7AI score0.01643EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/14 12:0 a.m.3 views

LEMON-S PHP Simple Oekaki BBS Cross-Site Scripting Vulnerability

LEMON-S PHP Simple Oekaki BBS is a PHP-based electronic bulletin board BBS script. A cross-site scripting vulnerability exists in the index.php script in LEMON-S PHP Simple Oekaki BBS versions prior to 1.21. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

4.3CVSS6AI score0.01171EPSS
Exploits0References1
Prion
Prion
added 2015/07/10 3:59 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis parameter...

4.3CVSS6.2AI score0.01171EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/07/10 3:0 p.m.41 views

CVE-2015-2970

The vulnerability CVE-2015-2970 affects the LEMON-S PHP Simple Oekaki BBS, specifically versions prior to 1.21. A flaw in index.php allows remote attackers to delete arbitrary files by manipulating the oekakis parameter, due to improper parsing. This is a server-side file deletion issue that coul...

6.4CVSS7.1AI score0.01643EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/07/10 4:57 a.m.2 views

Simple Oekaki BBS vulnerability where arbitrary files may be deleted

Overview Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

6.4CVSS6.8AI score0.01643EPSS
Exploits0References5
Rows per page
Query Builder