Lucene search
K

233 matches found

CVE
CVE
added 2006/05/12 12:0 a.m.49 views

CVE-2006-2320

CVE-2006-2320 affects IdealBB (Ideal Science) 1.5.4a and earlier. The vulnerability is described as multiple SQL injection flaws enabling remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. The public details do not specify exact ...

7.5CVSS8.1AI score0.01413EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2006/05/12 12:0 a.m.49 views

CVE-2006-2318

CVE-2006-2318 affects Ideal Science Ideal BB versions up to 1.5.4a. The flaw is an incomplete blacklist that allows a remote attacker to upload and execute an ASP script by uploading a ".asa" file, bypassing the ".asp" extension check but executable on the server. The NVD entry cites a CVSSv2 bas...

7.5CVSS6.9AI score0.02413EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2006/05/12 12:0 a.m.56 views

CVE-2006-2319

CVE-2006-2319 affects Ideal Science Ideal BB 1.5.4a and earlier. The vulnerability arises from improper validation of file extensions before upload, allowing a remote attacker to insert a 0x00 character before the ".asp" portion of a filename to upload and execute an ASP script on the server. The...

5CVSS6.9AI score0.01922EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2006/05/12 12:0 a.m.23 views

CVE-2006-2321

Multiple cross-site scripting XSS vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2207...

5.6AI score0.01373EPSS
Exploits0References8
CVE
CVE
added 2006/05/12 12:0 a.m.44 views

CVE-2006-2317

CVE-2006-2317 pertains to IdealBB 1.5.4a and earlier. The vulnerability arises from the OpenTextFile usage in Scripting.FileSystemObject, allowing remote attackers to read arbitrary files under the web root via unspecified attack vectors. The NVD notes the impact as partial confidentiality with n...

5CVSS6.7AI score0.01937EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2006/05/12 12:0 a.m.17 views

CVE-2006-2317

Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject...

6.7AI score0.01937EPSS
Exploits0References9
Cvelist
Cvelist
added 2006/05/12 12:0 a.m.21 views

CVE-2006-2319

Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename...

6.9AI score0.01922EPSS
Exploits0References9
Cvelist
Cvelist
added 2005/09/14 4:0 a.m.18 views

CVE-2005-2886

Multiple cross-site scripting XSS vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via 1 the print parameter to the print module, the sitename parameter to 2 bbsmilies or 3 bbcoderef module, or 4 the hlpfile...

5.9AI score0.01255EPSS
Exploits1References5
CVE
CVE
added 2005/05/16 4:0 a.m.38 views

CVE-2005-1592

CVE-2005-1592 affects BirdBlog versions before 1.3.1, where multiple javascript vulnerabilities in BBCode allow remote attackers to inject arbitrary JavaScript. The issue is documented across multiple feeds (NVD/Red Hat/CVE) with the same description. No exploit details are provided in the connec...

7.5CVSS7.2AI score0.01457EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2005/01/16 12:0 a.m.31 views

XSS in the nested BB tag in many forum

XSS was found in the nested BB tag in many forum: Invision Power Board: COLOR=IMGhttp://aaa.aa/=aaa.jpg/IMG style=background:urljavascript:alert /COLOR vBulletin EMAIL=URL=s [email protected]:[email protected] sssssss/URL/EMAIL style=background:urljavaSCrip t:alert/HifromAlgol/ using tab between...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2004/10/16 12:0 a.m.19 views

[SA12835] Ideal BB Multiple Unspecified Vulnerabilities

TITLE: Ideal BB Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA12835 VERIFY ADVISORY: http://secunia.com/advisories/12835/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Ideal BB 1.x http://secunia.com/product/1966/...

0.6AI score
Exploits0
CVE
CVE
added 2001/09/12 4:0 a.m.50 views

CVE-1999-1462

The CVE-1999-1462 issue affects the Big Brother bb-hist.sh History module, specifically in Big Brother 1.09b and 1.09c. The vulnerability is a directory traversal flaw exposed through the HISTFILE parameter of the bb-hist.sh CGI, allowing a remote attacker to read arbitrary files on the affected ...

5CVSS6.7AI score0.02179EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2000/12/19 5:0 a.m.59 views

CVE-2000-1177

CVE-2000-1177 affects Big Brother (BB) prior to 1.5d3, where several scripts (bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, bb-ack.sh) allow remote attackers to determine whether files exist and deduce user IDs by passing a target filename in HISTFILE. The entry bases impact ...

5CVSS7AI score0.07953EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder