CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

======================================================================================== | Title : BaalASP 2.0 DB Download Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | | Web Site : www.iq-ty.com...

7.4AI score

Exploits0

seebug.org•added 2009/12/29 12:0 a.m.•23 views

BaalASP 2.0 DB Download Vulnerability

No description provided by source. ======================================================================================== | Title : BaalASP 2.0 DB Download Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

7.1AI score

Exploits0

Exploit DB•added 2009/12/29 12:0 a.m.•26 views

BaalASP 2.0 - Database Disclosure

7.4AI score

Exploits0

exploitpack•added 2009/12/29 12:0 a.m.•20 views

BaalASP 2.0 - Database Disclosure

BaalASP 2.0 - Database Disclosure ======================================================================================== | Title : BaalASP 2.0 DB Download Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

7.4AI score

Exploits0

0day.today•added 2009/12/29 12:0 a.m.•21 views

BaalASP 2.0 DB Download Vulnerability

Exploit for asp platform in category web applications ===================================== BaalASP 2.0 DB Download Vulnerability ===================================== ======================================================================================== | Title : BaalASP 2.0 DB Download...

7.1AI score

Exploits0

NVD•added 2006/11/24 6:7 p.m.•12 views

CVE-2006-6089

Multiple cross-site scripting XSS vulnerabilities in addpost1.asp in BaalAsp forum allow remote attackers to inject arbitrary web script or HTML via the 1 title Subject, 2 groupname Group Name, or 3 detail Message field...

4.3CVSS5.8AI score0.00572EPSS

Exploits0References7

NVD•added 2006/11/24 6:7 p.m.•14 views

CVE-2006-6090

Multiple SQL injection vulnerabilities in BaalAsp forum allow remote attackers to execute arbitrary SQL commands via the 1 password parameter to a adminlogin.asp, the 2 name or 3 password parameter to b userlogin.asp, or the 3 search parameter to search.asp...

7.5CVSS8.7AI score0.01233EPSS

Exploits1References8

Cvelist•added 2006/11/24 6:0 p.m.•17 views

CVE-2006-6090

8.7AI score0.01233EPSS

Exploits1References8

CVE•added 2006/11/24 6:0 p.m.•47 views

CVE-2006-6090

CVE-2006-6090 documents multiple SQL injection vulnerabilities in the BaalAsp forum that allow remote attackers to execute arbitrary SQL commands via (1) the password parameter to adminlogin.asp, (2) the name or password parameter to userlogin.asp, or (3) the search parameter to search.asp. The N...

7.5CVSS9.1AI score0.01233EPSS

Exploits1References8Affected Software1

Cvelist•added 2006/11/24 6:0 p.m.•17 views

CVE-2006-6089

5.8AI score0.00572EPSS

Exploits0References7

CVE•added 2006/11/24 6:0 p.m.•51 views

CVE-2006-6089

CVE-2006-6089 corresponds to multiple cross-site scripting (XSS) vulnerabilities in BaalAsp forum’s addpost1.asp. The flaws allow remote attackers to inject arbitrary script or HTML via the title/Subject, groupname/Group Name, or detail/Message fields. The affected software is BaalAsp forum (addp...

4.3CVSS6AI score0.00572EPSS

Exploits0References7Affected Software1

NVD•added 2006/11/24 5:7 p.m.•13 views

CVE-2006-6075

Cross-site scripting XSS vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...

6.8CVSS5.6AI score0.00867EPSS

Exploits0References2

CVE•added 2006/11/24 5:0 p.m.•49 views

CVE-2006-6075

The CVE-2006-6075 entry describes a cross-site scripting (XSS) vulnerability in BaalAsp forum, specifically in addpost1.asp via the name parameter. The underlying issue is insufficient input handling that allows remote attackers to inject arbitrary script/HTML. CVSS v2 base score is 6.8 (Medium) ...

6.8CVSS5.8AI score0.00867EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2006/11/24 12:0 a.m.•1 views

PT-2006-6735 · Baal · Baalasp Forum

Name of the Vulnerable Software and Affected Versions: BaalAsp forum affected versions not specified Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities allow remote attackers to execute arbitrary SQL commands. The vulnerabilities can be exploited through...

7.5CVSS8.1AI score0.01233EPSS

Exploits1References9

Positive Technologies•added 2006/11/24 12:0 a.m.•2 views

PT-2006-6734 · Baalasp · Baalasp Forum

Name of the Vulnerable Software and Affected Versions: BaalAsp forum affected versions not specified Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the addpost1.asp file of the BaalAsp forum. These vulnerabilities allow remote attackers to inject arbitrary we...

4.3CVSS5.7AI score0.00572EPSS

Exploits0References8

Packet Storm•added 2006/11/17 12:0 a.m.•15 views

baalasp.txt

vendor site:http://baalasp.com/ product:BaalAsp forum bug:login bypass, injection sql post, xss post risk:high authentification bypass : admin login bypass == /adminlogin.asp passwd: 'or''=' user login bypass == /userlogin.asp user: 'or''=' passwd: 'or''=' injection sql post == /search.asp...

7.4AI score

Exploits0

Packet Storm•added 2005/10/11 12:0 a.m.•25 views

baalASPSQL.txt

------------------------------------------------------ Nightmare TeAmZ Advisory 002 ------------------------------------------------------ Date - 10/2005 BaalASP Free Bulletin Board Sql Injection Admin Login AFFECTED PRODUCTS ================= BaalASP Free Bulletin Board...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by