6 matches found
phpBB 1.x/2.0.x Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9942/info It has been reported that phpBB may be prone to multiple vulnerabilities that could allow an attacker to carry out SQL injection and cross-site scripting attacks. These vulnerabilities result from insufficient...
Cross site scripting
Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...
CVE-2006-0437
Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...
CVE-2006-0437
Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...
CVE-2006-0437
CVE-2006-0437 describes a cross‑site scripting (XSS) vulnerability in phpBB 2.0.19, specifically in admin_smilies.php. The issue allows remote attackers to inject arbitrary web script or HTML by supplying crafted values in the smile_url or smile_emotion parameters (via Javascript events like onmo...
phpBB2.0.19.txt
Orginal Source: http://securityreason.com/achievementsecurityalert/31 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.2.2006 from SecurityReason.Com CVE-2006-0437 for the XSS issues CVE-2006-0438...