EUVD-2006-1638

Malware in sbrugna...

EUVD-2006-1639

Malware in sbrugna...

[eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities

New eVuln Advisory: aWebBB Multiple XSS and SQL Injection Vulnerabilities http://evuln.com/vulns/117/summary.html --------------------Summary---------------- eVuln ID: EV0117 CVE: CVE-2006-1637 CVE-2006-1638 Software: aWebBB Sowtware's Web Site: http://labs.aweb.com.au/ Versions: 1.2 Critical...

Sql injection

Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 Username parameter to a accounts.php, b changep.php, c editac.php, d feedback.php, e fpass.php, f login.php, g post.php, h reply.php, or i replylog.php; 2 p parameter to j...

CVE-2006-1638

Multiple SQL injection vulnerabilities in aWebBB 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 Username parameter to a accounts.php, b changep.php, c editac.php, d feedback.php, e fpass.php, f login.php, g post.php, h reply.php, or i replylog.php; 2 p parameter to j...

CVE-2006-1637

The CVE-2006-1637 entry describes multiple XSS vulnerabilities in aWebBB 1.2. Affected scripts: post.php (parameters tname, fpost); editac.php (fullname, emailadd, country, sig, otherav); register.php (fullname, emailadd, country). The underlying issue is insufficient sanitization of user-supplie...

CVE-2006-1638

CVE-2006-1638 : AWebBB 1.2 has multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via user-supplied input. Affected scripts include accounts.php, changep.php, editac.php, feedback.php, fpass.php, login.php, post.php, reply.php, and reply_log.php (...