CVE-2009-4651

Multiple cross-site scripting XSS vulnerabilities in the Webee Comments comwebeecomment component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 color, 2 img, or 3 url BBCode tags in unspecified vectors...

DasForum Local File Inclusion

'/ -.- --------------------oOO------OOo------------------- | DasForum layout Local File Inclusion Exploit | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r ! Download: http://mirror.vocabbuilder.net/savannah/dasforum/ ! Date:...

CVE-2009-4408

Multiple cross-site scripting XSS vulnerabilities in models.parser in PyForum 1.0.3 and possibly earlier versions, and possibly zForum, allow remote attackers to inject arbitrary web script or HTML via crafted BBcode 1 img or 2 url tags, which are not properly handled when a post is viewed...

CVE-2009-4408

CVE-2009-4408 affects PyForum 1.0.3 (and possibly earlier versions) and possibly zForum, via the models.parser component. The root cause is improper handling of crafted BBCode (img and url tags) in posts, allowing remote XSS when a post is viewed. Publicly available references confirm multiple XS...

eoCMS 0.9.03 Remote File Inclusion

eoCMS '; $BBCODEoverride = getStandard'./js/bbcodepress/'; // $BBCODEoverride = getStandard'./js/bbcodepress/','-eocms'; Example : path/js/bbcodepress/bbcode-form.php?BBCODEpath=Shell 9r33tZ T0 : 4ll 1nd0n3s14n r34l h4ck3r ... fuck : x-ace m0th3r fuck3r 1nd0n3s14n r34l sn1ch tomahawk b19 l4m3rs...

eoCMS 0.9.03 - Remote File Inclusion

eoCMS 0.9.03 - Remote File Inclusion Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS = 0.9.03 Remote FIle Include...

eoCMS <= 0.9.03 Remote FIle Include Vulnerability

Exploit for unknown platform in category web applications ================================================= eoCMS = 0.9.03 Remote FIle Include Vulnerability ================================================= Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author:...

eoCMS 0.9.03 - Remote File Inclusion

Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS = 0.9.03 Remote FIle Include Vulnerability Created By 1nd0n3s14n l4m3r c...

eoCMS &lt;= 0.9.03 Remote FIle Include Vulnerability

No description provided by source. Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS = 0.9.03 Remote FIle Include...

UseBB BBcode Parsing Remote Denial Of Service Vulnerability

This host has UseBB installed and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodusebbbbcodedosvuln.nasl 5148 2017-01-31 13:16:55Z teissa $ UseBB BBcode Parsing Remote Denial Of Service Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...

CVE-2009-4041

UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of service infinite loop via crafted BBCode tags...

CVE-2009-4041

UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of service infinite loop via crafted BBCode tags...

CVE-2009-4041

CVE-2009-4041 affects UseBB 1.0.9 before 1.0.10. A crafted BBCode tag causes the BBCode parser to loop infinitely, enabling a remote attacker to trigger a denial of service. The available connected documents confirm the DoS condition but do not provide a patched version or definitive remediation ...

CVE-2009-3803

Multiple cross-site scripting XSS vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the statusmessage parameter to 1 /news, 2 /comment, 3 /forum, 4 /blog, and 5 /tags; the statusmessage parameter to 6 forum.php, 7 discussion.php, 8...

CVE-2009-3803

Multiple cross-site scripting XSS vulnerabilities in Amiro.CMS 5.4.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the statusmessage parameter to 1 /news, 2 /comment, 3 /forum, 4 /blog, and 5 /tags; the statusmessage parameter to 6 forum.php, 7 discussion.php, 8...

CVE-2008-6885

Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...

Cross site scripting

Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...

CVE-2008-6885

Cross-site scripting XSS vulnerability in pmlite.php in XOOPS 2.3.1 and 2.3.2a allows remote attackers to inject arbitrary web script or HTML via a STYLE attribute in a URL BBcode tag in a private message...

Phorum : Permanent Cross-Site Scripting Vulnerabilities

//----- Advisory Program : Phorum 5.2.11 Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : crashfr at sysdream dot com This Advisory : crashfr at sysdream dot com //----- Application description Started in 1998, Phorum was the original PHP and MySQL...

Phorum 5.2.11 - Persistent Cross-Site Scripting

//----- Advisory Program : Phorum 5.2.11 and prior Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : CrashFr This Advisory : CrashFr //----- Application description Started in 1998, Phorum was the original PHP and MySQL based Open Source forum...