24 matches found
EUVD-2002-0118
Malware in sbrugna...
EUVD-2001-0880
Malware in sbrugna...
EUVD-2022-29835
Malicious code in bioql PyPI...
Design/Logic Flaw
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature...
Infopop Ultimate Bulletin Board 安全漏洞
Infopop Ultimate Bulletin Board is a web forum system from Infopop, Inc. A security vulnerability exists in Infopop Ultimate Bulletin Board version 5.47a and prior versions, which originated from a vulnerability that allows unauthenticated users to view messages in private forums by referring to...
CVE-2022-25091
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature...
PT-2023-12779 · Infopop · Infopop Ultimate Bulletin Board
Name of the Vulnerable Software and Affected Versions: Infopop Ultimate Bulletin Board versions up to 5.47a Description: The issue allows all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature. Recommendations: For Infopop Ultimate Bulletin...
CVE-2022-25091
The CVE-2022-25091 entry concerns Infopop Ultimate Bulletin Board up to version 5.47a. The vulnerability allows unauthenticated users to disclose all messages posted inside private forums via the quote reply feature. The issue is a confidentiality impact (C:L) with no integrity or availability im...
CVE-2022-25091
Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature...
Ultimate Bulletin Board 6.0/6.2 UBBER Cookie HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8212/info Ultimate Bulletin Board has been reported prone to a HTML injection vulnerability. The issue likely presents itself due to a lack of sanitization performed on cookie data. It has been reported that a remote...
CVE-2003-0587
Cross-site scripting XSS vulnerability in Infopop Ultimate Bulletin Board UBB 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie...
CVE-2002-0118
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...
CVE-2002-0118
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB 6.2.0 Beta Release 1.0 allows remote attackers to execute arbitrary script and steal cookies via a message containing encoded Javascript in an IMG tag...
CVE-2001-0897
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB before 5.47e allows remote attackers to steal user cookies via an IMG tag that references an about: URL with an onerror field...
Дырки в Ultimate Bulletin Board (javascript, cookie)
Можно вставить javascript в таг IMG, кроме того при проверке куки не проверяется пароль пользователя...
CVE-2001-0897
Cross-site scripting vulnerability in Infopop Ultimate Bulletin Board UBB before 5.47e allows remote attackers to steal user cookies via an IMG tag that references an about: URL with an onerror field...
Дырка в Ultimate Bulletin Board
Можно посмотреть сообщения в закрытой паролем конференции используя функцию ответа с квотированием...
More on Ultimate Bullering Board
In response to Scott Ashman's post about UBB. After i discovered this bug last week i tried to contact infopop on 3 email adresses from their contact page i finally managed to find one that didn't bounce, but i haven't recieved any response yet. Anyway, Scott describes a way to retrieve other...
En: ubb hole
----- Original Message ----- From: tdf To: [email protected] Sent: Monday, November 20, 2000 2:46 PM Subject: ubb hole ----------------------------------------------------------------------------------- Ultimate Bulletin Board - Private forums security hole, by tdf [email protected]...
CVE-2000-0141
Infopop Ultimate Bulletin Board UBB allows remote attackers to execute commands via shell metacharacters in the topic hidden field...