Lucene search
+L

6 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.22 views

phpBB 1.x/2.0.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9942/info It has been reported that phpBB may be prone to multiple vulnerabilities that could allow an attacker to carry out SQL injection and cross-site scripting attacks. These vulnerabilities result from insufficient...

7.1AI score
Exploits0
prion
prion
added 2006/02/06 10:2 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

4.3CVSS6.2AI score0.02241EPSS
Exploits2References7Affected Software1
ubuntucve
ubuntucve
added 2006/02/06 10:2 p.m.37 views

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

4.3CVSS6.1AI score0.02241EPSS
Exploits2References1
cvelist
cvelist
added 2006/02/06 10:0 p.m.38 views

CVE-2006-0437

Cross-site scripting XSS vulnerability in adminsmilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the 1 smileurl or 2 smileemotion parameters, which bypasses a check for "" characters...

5.7AI score0.02241EPSS
Exploits2References7
cve
cve
added 2006/02/06 10:0 p.m.62 views

CVE-2006-0437

CVE-2006-0437 describes a cross‑site scripting (XSS) vulnerability in phpBB 2.0.19, specifically in admin_smilies.php. The issue allows remote attackers to inject arbitrary web script or HTML by supplying crafted values in the smile_url or smile_emotion parameters (via Javascript events like onmo...

4.3CVSS5.7AI score0.02241EPSS
Exploits2References7Affected Software1
packetstorm
packetstorm
added 2006/02/06 12:0 a.m.44 views

phpBB2.0.19.txt

Orginal Source: http://securityreason.com/achievementsecurityalert/31 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.2.2006 from SecurityReason.Com CVE-2006-0437 for the XSS issues CVE-2006-0438...

5CVSS6.6AI score0.02485EPSS
Exploits3
Rows per page
Query Builder