phpBB 2.0.x - BBCode.php URL Tag

phpBB 2.0.x - BBCode.php URL Tag source: https://www.securityfocus.com/bid/13545/info The phpbb vendor reports that a critical vulnerability exists in the BBCode handling routines of the 'bbcode.php' script. The bbcode url tag is not properly sanitized of user-supplied input. This could permit th...

CVE-2005-1448

CVE-2005-1448 describes a cross-site scripting (XSS) vulnerability in the Serendipity BBCode plugin for Serendipity, prior to version 0.8. Remote attackers can inject arbitrary web script or HTML, which executes in a user’s browser when viewing malicious entries or comments. The affected componen...

CVE-2005-1448

Cross-site scripting XSS vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2005-1448

Cross-site scripting XSS vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

Serendipity BBCode Plugin XSS

According to its banner, the version of Serendipity installed on the remote host does not properly filter user-supplied input for selected fields if the BBCode plugin is enabled - it is not by default. By exploiting this flaw, an attacker can cause arbitrary HTML and script code to be executed by...

phpBB <= 2.0.14 Multiple Vulnerabilities

According to its banner, the remote host is running a version of phpBB that suffers from multiple flaws: - A BBCode Input Validation Vulnerability The application fails to properly filter for the BBCode URL in the 'includes/bbcode.php' script. With a specially crafted URL, an attacker could cause...

ASP-DEV XM Forum RC3 - IMG Tag Script Injection

source: https://www.securityfocus.com/bid/12958/info XM Forum is reported prone to a script injection vulnerability. An attacker can supply arbitrary HTML and script code through the BBCode IMG tag to trigger this issue and execute arbitrary script code in a user's browser. XM Forum RC3 is report...

ASP-DEV XM Forum RC3 - IMG Tag Script Injection

ASP-DEV XM Forum RC3 - IMG Tag Script Injection source: https://www.securityfocus.com/bid/12958/info XM Forum is reported prone to a script injection vulnerability. An attacker can supply arbitrary HTML and script code through the BBCode IMG tag to trigger this issue and execute arbitrary script...

CVE-2005-0692

PHP-Fusion 5.x is affected by CVE-2005-0692 due to an XSS vulnerability in fusion_core.php. An attacker can inject arbitrary web script or HTML via a message containing an IMG BBCode that carries character-encoded Javascript, which will execute in the victim’s browser when the malicious BBCode is...

CVE-2005-0692

Cross-site scripting XSS vulnerability in fusioncore.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript...

PHP-Fusion 5.0 - BBCode IMG Tag Script Injection

source: https://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically generated content. An attacker can supply ASCII...

PHP-Fusion 5.0 - BBCode IMG Tag Script Injection

PHP-Fusion 5.0 - BBCode IMG Tag Script Injection source: https://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically...

PHP-Fusion < 5.01 BBcode IMG Tag XSS

Binary data 2682.prm...

CVE-2005-0692

Cross-site scripting XSS vulnerability in fusioncore.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript...

CVE-2005-0374

CVE-2005-0374 affects BiTBOARD (2.5 and earlier). The issue is a cross-site scripting (XSS) vulnerability exploitable via an [img] bbcode image tag with an event (e.g., mouseover). Documented impact includes potential cookie theft and partial integrity impact on affected pages. Remediation shown ...

ExBB Nested BBcode XSS

Binary data 2546.prm...

YaBB Shadow BBCode Tag XSS

Binary data 2439.prm...

BiTBOARD IMG BBCode Tag JavaScript XSS

Binary data 2524.prm...

CVE-2004-2038

Cross-site scripting XSS vulnerability in Land Down Under LDU before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in 1 functions.php, 2 header.php or 3 auth.inc.php...

Land Down Under - BBCode HTML Injection

Land Down Under - BBCode HTML Injection source: https://www.securityfocus.com/bid/10435/info Land Down Under is prone to an HTML injection vulnerability. This issue is exposed through their BBCode implementation. Exploitation could permit theft of cookie credentials, manipulation of content, or...