Lucene search
K

302 matches found

Cvelist
Cvelist
added 2011/09/23 11:0 p.m.21 views

CVE-2011-3710

bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
CVE
CVE
added 2011/09/23 11:0 p.m.40 views

CVE-2011-3710

The CVE-2011-3710 issue affects bbPress 1.0.2 and is an information disclosure vulnerability. A direct request to a vulnerable PHP file (notably bb-templates/kakumei/view.php and similar files) can reveal the installation path in an error message, exposing sensitive server paths. Multiple connect...

5CVSS6.3AI score0.01335EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2011/03/29 12:0 a.m.64 views

HTB22904: Path disclosure in bbPress

Vulnerability ID: HTB22904 Reference: http://www.htbridge.ch/advisory/pathdisclosureinbbpress.html Product: bbPress Vendor: http://bbpress.org http://bbpress.org Vulnerable Version: 1.0.3 Vendor Notification: 15 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Brid...

6.6AI score
Exploits0
htbridge
htbridge
added 2011/03/15 12:0 a.m.25 views

Installation Path Disclosure Weakness in bbPress

High-Tech Bridge SA Security Research Lab has discovered a weakness in bbPress which could be exploited to gain access to potentially sensitive information. 1 Installation path disclosure weakness in bbPress The weakness exists due to application reveals the full path to installation directory in...

5CVSS6.9AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2011/03/15 12:0 a.m.52 views

bbPress 1.0.2 <= Cross Site Scripting Vulnerability

========================================= bbPress 1.0.2 = Cross Site Scripting Vulnerability ========================================= 1. OVERVIEW bbPress 1.0.2 and lower versions were vulnerable to Cross Site Scripting. 2. APPLICATION DESCRIPTION bbPress is plain and simple forum software, plain...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2011/03/15 12:0 a.m.53 views

bbPress 1.0.2 <= Cross Site Scripting Vulnerability

OVERVIEW bbPress 1.0.2 and lower versions were vulnerable to Cross Site Scripting. 2. APPLICATION DESCRIPTION bbPress is plain and simple forum software, plain and simple with a twist from the creators of WordPress. It is focused on web standards, ease of use, ease of integration, and speed. 3...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/03/14 12:0 a.m.17 views

bbPress 1.0.2 Cross Site Scripting

========================================= bbPress 1.0.2 = Cross Site Scripting Vulnerability ========================================= 1. OVERVIEW bbPress 1.0.2 and lower versions were vulnerable to Cross Site Scripting. 2. APPLICATION DESCRIPTION bbPress is plain and simple forum software, plain...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2010/07/05 12:0 a.m.10 views

bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)

bbPress 1.0.2 - Cross-Site Request Forgery Change Admin Password : Software : bbPress v 1.0.2 : : site : www.bbpress.org : : date : 29/6/2010 : : Author : saudi0hacker : : Date : May 25, 2010 : : Type : CSRF : : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com :...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/07/05 12:0 a.m.28 views

bbPress 1.0.2 - Cross-Site Request Forgery (Change Admin Password)

: Software : bbPress v 1.0.2 : : site : www.bbpress.org : : date : 29/6/2010 : : Author : saudi0hacker : : Date : May 25, 2010 : : Type : CSRF : : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com : :----------------------------------------------------------------------------:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/30 12:0 a.m.20 views

bbPress 1.0.2 Cross Site Request Forgery

: Software : bbPress v 1.0.2 CSRF : site : www.bbpress.org : date : 29/6/2010 : Author : saudi0hacker : Date : May 25, 2010 : Type : CSRF : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com admin Key Master Hotmail: Free, trusted and rich email service...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2010/06/30 12:0 a.m.12 views

bbPress v1.0.2 Cross-Site Request Forgery

No description provided by source. : Software : bbPress v 1.0.2 CSRF : site : www.bbpress.org : Author : saudi0hacker : Date : May 25, 2010 : Type : CSRF : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com html body onload=\"document.forms\'Login\'.submit;\" form...

7.1AI score
Exploits0
0day.today
0day.today
added 2010/06/29 12:0 a.m.14 views

bbPress v1.0.2 Cross-Site Request Forgery

Exploit for php platform in category web applications ========================================= bbPress v1.0.2 Cross-Site Request Forgery ========================================= : Software : bbPress v 1.0.2 CSRF : site : www.bbpress.org : date : 29/6/2010 : Author : saudi0hacker : Date : May 25...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/12/29 12:0 a.m.53 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. bbPress: crossite scripting, protection bypass...

9.3CVSS1.5AI score0.12865EPSS
Exploits1References8Affected Software5
securityvulns
securityvulns
added 2008/12/28 12:0 a.m.40 views

Vulnerabilities in bbPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation и Cross-Site Scripting уязвимостях в bbPress форумный движок. Insufficient Anti-automation: На странице регистрации http://site/path/register.php нет защиты от автоматизированных запросов капчи. XSS IE: Уязвимость в...

0.2AI score
Exploits0
Prion
Prion
added 2007/06/15 1:30 a.m.14 views

Sql injection

SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."...

7.5CVSS9AI score0.01299EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2007/06/15 1:30 a.m.14 views

CVE-2007-3243

Cross-site scripting XSS vulnerability in bb-login.php in bbPress 0.8.1 allows remote attackers to inject arbitrary web script or HTML via the re parameter. NOTE: exploitation may require forcing the client to send a certain Referer header...

4.3CVSS5.7AI score0.01545EPSS
Exploits1References5
NVD
NVD
added 2007/06/15 1:30 a.m.14 views

CVE-2007-3244

SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."...

7.5CVSS8.3AI score0.01299EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/06/15 1:0 a.m.16 views

CVE-2007-3244

SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."...

8.3AI score0.01299EPSS
Exploits0References7
CVE
CVE
added 2007/06/15 1:0 a.m.41 views

CVE-2007-3243

CVE-2007-3243 affects bbPress 0.8.1 via bb-login.php. The XSS vulnerability allows remote attackers to inject arbitrary script/HTML through the re parameter; exploitation may hinge on a specific Referer header being sent by the client. The cited sources (NVD entry) describe the issue and impact a...

4.3CVSS5.7AI score0.01545EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/06/15 1:0 a.m.47 views

CVE-2007-3244

CVE-2007-3244 describes a SQL injection in bbPress prior to version 0.8.1. The vulnerability is in bb-includes/formatting-functions.php and can allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, demonstrated by a PRE element (the “quirky slashe...

7.5CVSS8.3AI score0.01299EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder