CVE-2006-0155

Cross-site scripting XSS vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI...

[eVuln] Foxrum BBCode XSS Vulnerabilty

New eVuln Advisory: Foxrum BBCode XSS Vulnerabilty --------------------Summary---------------- Software: Foxrum Sowtware's Web Site: http://www.foxrum.fr.st/ Versions: 4.0.4f Critical Level: Harmless Type: Cross-Site Scripting Class: Remote Status: Unpatched Exploit: Available Solution: Available...

CVE-2006-0140

Cross-site scripting XSS vulnerability in post.php in NavBoard V16 Stable2.6.0 and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the 1 b, 2 textlarge, and 3 url bbcode tags...

[eVuln] NavBoard BBcode XSS Vulnerability

New eVuln Advisory: NavBoard BBcode XSS Vulnerability --------------------Summary---------------- Vendor: NavBoard Vendor's Web Site: http://navarone.f2o.org/ Software: NavBoard Sowtware's Web Site: http://sourceforge.net/projects/navboard/ Versions: checked: V16 Stable2.6.0 and V17beta2 Critical...

EV0019.txt

New eVuln Advisory: NavBoard BBcode XSS Vulnerability --------------------Summary---------------- Vendor: NavBoard Vendor's Web Site: http://navarone.f2o.org/ Software: NavBoard Sowtware's Web Site: http://sourceforge.net/projects/navboard/ Versions: checked: V16 Stable2.6.0 and V17beta2 Critical...

CVE-2006-0102

Cross-site scripting XSS vulnerability in TinyPHPForum TPF 3.6 and earlier allows remote attackers to inject arbitrary web script via a javascript: scheme in an "a" bbcode tag, possibly the txt parameter to action.php...

Cross site scripting

Cross-site scripting XSS vulnerability in TinyPHPForum TPF 3.6 and earlier allows remote attackers to inject arbitrary web script via a javascript: scheme in an "a" bbcode tag, possibly the txt parameter to action.php...

phpBB < 2.0.19 Multiple XSS

According to its version number, the remote version of this software is vulnerable to JavaScript injection issues using 'url' bbcode tags and, if HTML tags are enabled, HTML more generally. This may allow an attacker to inject hostile JavaScript into the forum system to steal cookie credentials o...

CVE-2005-4665

Cross-site scripting XSS vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags...

CVE-2005-4588

Cross-site scripting XSS vulnerability in Koobi 5 allows remote attackers to inject arbitrary web script or HTML via nested, malformed url BBCode tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2005-4588

The CVE-2005-4588 entry describes a Cross-site scripting (XSS) vulnerability in Koobi 5. The issue arises when parsing nested, malformed URL BBCode tags, enabling remote attackers to inject arbitrary web script or HTML into the affected application. The sources indicate the vulnerability is in Ko...

Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection

source: https://www.securityfocus.com/bid/16300/info Phpclanwebsite is prone to a script-injection vulnerability. An attacker can nest BBCode IMG tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code would be able to access properties of...

Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection

Phpclanwebsite 1.23.1 - BBCode IMG Tag Script Injection source: https://www.securityfocus.com/bid/16300/info Phpclanwebsite is prone to a script-injection vulnerability. An attacker can nest BBCode IMG tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HT...

Dream4 Koobi 5.0 - BBCode URL Tag Script Injection

source: https://www.securityfocus.com/bid/16078/info Koobi is prone to a script injection vulnerability. An attacker can nest BBCode URL tags to trigger this issue and execute arbitrary code in a user's browser. Attacker-supplied HTML and script code would be able to access properties of the site...

phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit

Exploit for unknown platform in category web applications ============================================================= phpBB new or die; $cookiejar = HTTP::Cookies-new; for$i=0;$icookiejar $cookiejar ; $res = $xpl-post $path.'profile.php?GLOBALSsignaturebbcodeuid=.%2B/e%00', Content = 'username'...

phpBB Blog 2.2.2 SQL inj. vuln.

phpBB Blog 2.2.2 SQL inj. vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/phpbb-blog-222-sql-inj-vuln.html vendor:http://www.outshine.com/phpbbblog/ affected version:2.2.2 and prior Product Description: This is a blog system for phpBB. It...

ASP-DEv XM Forum IMG Tag Script Injection Vulnerability

The remote web server contains an ASP script which is vulnerable to a cross site scripting issue. Description : The remote host appears to be running the ASP-DEV XM Forum. There is a flaw in the remote software which may allow anyone to inject arbitrary HTML and script code through the BBCode IMG...

CVE-2005-2886

Multiple cross-site scripting XSS vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via 1 the print parameter to the print module, the sitename parameter to 2 bbsmilies or 3 bbcoderef module, or 4 the hlpfile...

[SA16775] PunBB Multiple Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

CVE-2005-2783

Cross-site scripting XSS vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags...