EUVD-2008-6061

Malware in sbrugna...

EUVD-2008-6401

Malware in sbrugna...

BMForum 5.6 - index.php outpused Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

BMForum 3.0 post.php forumid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

BMForum Myna 6.0 - SQL Injection Vulnerability

No description provided by source. Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num = $GET'num';...

BMForum 5.6 - newtem/header/bsd01header.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

BMForum 3.0 forums.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

BMForum 5.6 - newtem/footer/bsd01footer.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/29339/info BMForum is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

BMForum 3.0 announcesys.php forumid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

BMForum Myna 6.0 SQL injection vulnerability-vulnerability warning-the black bar safety net

BMForum is a used in personal, business areas based on the MySQL database to the new PHP Forum program. BMForum Myna 6.0 existSQL injectionvulnerabilities that could lead to sensitive information disclosure. +info: BMForum Myna 6.0 SQL Injection Vulnerability Author: Stephan Sattler Software...

BMForum Myna 6.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num =...

BMForum Myna 6.0 - SQL Injection

BMForum Myna 6.0 - SQL Injection Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num = $GET'num';...

BMForum Myna 6.0 - SQL Injection

Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num = $GET'num'; $forumnum=$forumid; .... $query = "SELECT...

BMForum Myna 6.0 SQL Injection

Author: Stephan Sattler Software Website: http://www.bmforum.com/ Software Link: http://www.bmforum.com/down/ Required: magic quotes = Off Vulnerability /add-on/jsviewnew.php line 20++: $length = $GET'length'; $forumid = $GET'forumid'; $num = $GET'num'; $forumnum=$forumid; .... $query = "SELECT...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 outpused parameter to index.php, the 2 footercopyright and 3 verandproname parameters to newtem/footer/bsd01footer.php, and the 4 topads and 5 myplugin paramete...

CVE-2008-6431

Multiple cross-site scripting XSS vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 outpused parameter to index.php, the 2 footercopyright and 3 verandproname parameters to newtem/footer/bsd01footer.php, and the 4 topads and 5 myplugin paramete...

CVE-2008-6431

BMForum 5.6 is affected by multiple cross-site scripting (XSS) vulnerabilities. The issue arises from unsafely handling user-supplied input in several parameters: (1) outpused in index.php, (2) footer_copyright and (3) verandproname in newtem/footer/bsd01footer.php, and (4) topads and (5) myplugi...

CVE-2008-6091

SQL injection vulnerability in plugins.php in BMForum 5.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter...

Sql injection

SQL injection vulnerability in plugins.php in BMForum 5.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter...

CVE-2008-6091

SQL injection vulnerability in plugins.php in BMForum 5.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter...