Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2008-6061

Malware in sbrugna...

6.8CVSS6.4AI score0.00909EPSS
Exploits1References4
Prion
Prion
added 2009/03/06 6:30 p.m.9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 outpused parameter to index.php, the 2 footercopyright and 3 verandproname parameters to newtem/footer/bsd01footer.php, and the 4 topads and 5 myplugin paramete...

4.3CVSS6.1AI score0.01823EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2009/03/06 6:30 p.m.16 views

CVE-2008-6431

Multiple cross-site scripting XSS vulnerabilities in BMForum 5.6 allow remote attackers to inject arbitrary web script or HTML via the 1 outpused parameter to index.php, the 2 footercopyright and 3 verandproname parameters to newtem/footer/bsd01footer.php, and the 4 topads and 5 myplugin paramete...

4.3CVSS5.8AI score0.01823EPSS
Exploits1References7
CVE
CVE
added 2009/03/06 6:0 p.m.43 views

CVE-2008-6431

BMForum 5.6 is affected by multiple cross-site scripting (XSS) vulnerabilities. The issue arises from unsafely handling user-supplied input in several parameters: (1) outpused in index.php, (2) footer_copyright and (3) verandproname in newtem/footer/bsd01footer.php, and (4) topads and (5) myplugi...

4.3CVSS5.9AI score0.01823EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2009/02/09 5:30 p.m.20 views

Sql injection

SQL injection vulnerability in plugins.php in BMForum 5.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter...

6.8CVSS9.1AI score0.00909EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/02/09 5:0 p.m.45 views

CVE-2008-6091

CVE-2008-6091 describes an SQL injection in BMForum 5.6 affecting the plugins.php vulnerability when magic_quotes_gpc is disabled. The vulnerable surface is the tagname parameter, enabling remote attackers to execute arbitrary SQL commands. The NVD entry lists a CVSS v2 base score of 6.8 (MEDIUM)...

6.8CVSS8.7AI score0.00909EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2009/02/09 5:0 p.m.28 views

CVE-2008-6091

SQL injection vulnerability in plugins.php in BMForum 5.6, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tagname parameter...

8.3AI score0.00909EPSS
Exploits1References3
Rows per page
Query Builder