EUVD-2007-3574

Malware in sbrugna...

EUVD-2007-3573

Malware in sbrugna...

Sql injection

Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 showthread.php or 2 showboard.php...

CVE-2007-3589

Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 showthread.php or 2 showboard.php...

Cross site scripting

Cross-site scripting XSS vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter...

CVE-2007-3590

Cross-site scripting XSS vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter...

CVE-2007-3590

CVE-2007-3590 is a cross-site scripting (XSS) flaw in visitenkarte.php of b1gBB version 2.24.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the user parameter. No remediation or affected version details are provided beyond the 2.24.0 reference, and exploit...

CVE-2007-3589

CVE-2007-3589 affects b1gbb 2.24.0. Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via the id parameter to showthread.php or showboard.php. Root cause: input handling in the id parameter enables SQL injection. Exploitation details are not provided ...

b1gbb-sql.txt

b1gbb 2.24.0 SQL/XSS Remote Vulnerabilities D.Script : http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip Exploits SQL : //showthread.php?id=-1%20union%20all%20select%200,1,2,3,4,5,6,concatusername,passwort,8%20FROM%20cebbuser%20%20where%20id=1/ OR...

b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities

No description provided by source. b1gbb 2.24.0 SQL/XSS Remote Vulnerabilities D.Script : http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip Exploits SQL : //showthread.php?id=-1%20union%20all%20select%200,1,2,3,4,5,6,concatusername,passwort,8%20FROM%20cebbuser%20%20where%20id=1/...

b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= b1gbb 2.24.0 SQL Injection / XSS Remote Vulnerabilities ========================================================= b1gbb 2.24.0 SQL/XSS Remote Vulnerabilities D.Script :...

b1gbb 2.24.0 - SQL Injection Cross-Site Scripting

b1gbb 2.24.0 - SQL Injection Cross-Site Scripting b1gbb 2.24.0 SQL/XSS Remote Vulnerabilities D.Script : http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip Exploits SQL :...

b1gbb 2.24.0 - SQL Injection / Cross-Site Scripting

b1gbb 2.24.0 SQL/XSS Remote Vulnerabilities D.Script : http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip Exploits SQL : //showthread.php?id=-1%20union%20all%20select%200,1,2,3,4,5,6,concatusername,passwort,8%20FROM%20cebbuser%20%20where%20id=1/ OR...

Immunity Canvas: B1GBB_INCLUDE

Name| b1gbbinclude ---|--- CVE| CVE-2007-3401 Exploit Pack| CANVAS Description| B1gBB Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: b1gbb CVE Url: https://vulners.com/cve/CVE-2007-3401 CVE Name: CVE-2007-3401...

CVE-2007-3401

PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter...

CVE-2007-3401

The CVE-2007-3401 entry details a PHP Remote File Inclusion in footer.inc.php of B1G b1gBB 2.24, exploitable via a URL in the tfooter parameter to execute arbitrary PHP code on remote systems. Affected component is the B1G b1gBB package; the vulnerability arises from unsafely including a URL-supp...

B1GBB Footer.Inc.PHP远程文件包含漏洞

B1GBB是一款基于PHP的WEB应用程序。 B1GBB不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Footer.Inc.PHP'脚本对用户提交的'tfooter'参数缺少过滤，提交恶意的远程服务器作为包含对象，可导致以WEB进程权限执行任意PHP代码。 b1gBB 2.24 目前没有详细解决方案提供： http://board.b1g.de/forumdisplay.php?f=13 http://www.example.com/path/footer.inc.php?tfooter=shell?...

b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability

No description provided by source. b1gBB b1g Bulletion Board footer.inc.php Remote File Inclusion Vulnerabilities D.Script : http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip V.Code : include $tfooter In : footer.inc.php Exploits :...

b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================================= b1gbb 2.24.0 footer.inc.php tfooter Remote File Inclusion Vulnerability ========================================================================= b1gBB b1g Bulletion...