18 matches found
EUVD-2005-1573
Malware in sbrugna...
EUVD-2006-0977
Malware in sbrugna...
EUVD-2003-0210
Malware in sbrugna...
Battleaxe Software BttlxeForum 2.0 Failure.ASP Cross-Site Scripting Vulnerability
No description provided by source...
CVE-2006-0974
CVE-2006-0974 describes a cross-site scripting vulnerability in failure.asp of Battleaxe bttlxeForum 2.0, exploitable via the err_txt parameter to inject arbitrary script/HTML. Affected component: failure.asp in Battleaxe bttlxeForum 2.0. The NVD entry lists a CVSS v2 base score of 4.3 (Medium) w...
CVE-2006-0974
Cross-site scripting XSS vulnerability in failure.asp in Battleaxe bttlxeForum 2.0 allows remote attackers to inject arbitrary web script or HTML via the errtxt parameter...
bttlxeXSS.txt
--------------------Summary---------------- Software: bttlxeForum Sowtware's Web Site: http://www.bttlxe.com/ Versions: 2. Type: Cross-Site Scripting Class: Remote Exploit: Available Solution: Not Available Discovered by: runvirus worlddefacers.de securitycentra.com...
bttlxeForum 2.* XSS Vulnerability
--------------------Summary---------------- Software: bttlxeForum Sowtware's Web Site: http://www.bttlxe.com/ Versions: 2. Type: Cross-Site Scripting Class: Remote Exploit: Available Solution: Not Available Discovered by: runvirus worlddefacers.de securitycentra.com...
Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting
Battleaxe Software BttlxeForum 2.0 - Failure.asp Cross-Site Scripting source: https://www.securityfocus.com/bid/16821/info Battleaxe Software's bttlxeForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input...
Battleaxe Software BttlxeForum 2.0 - 'Failure.asp' Cross-Site Scripting
source: https://www.securityfocus.com/bid/16821/info Battleaxe Software's bttlxeForum is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
CVE-2005-1570
forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability...
bttlxeForum login.asp < 2.0 Multiple SQL Injection
Binary data 1559.prm...
CVE-2003-0215
SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the 1 username and 2 password fields, and possibly other fields...
CVE-2003-0215
SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the 1 username and 2 password fields, and possibly other fields...
CVE-2003-0215
The CVE-2003-0215 issue affects bttlxeForum 2.0 beta 3 and earlier, due to a SQL injection vulnerability in the authentication path (username and password fields) that can bypass login. Evidence from multiple sources describes remote attackers potentially gaining access by injecting SQL, with at ...
PT-2003-1434 · Bttlxe · Bttlxeforum
Name of the Vulnerable Software and Affected Versions: bttlxeForum versions 2.0 beta 3 and earlier Description: The issue allows remote attackers to bypass authentication via the username and password fields, and possibly other fields, due to a SQL injection vulnerability. Recommendations: For...
SQL injection in BttlxeForum
Hi, SAUDIDEFACERZ reported an input validation vulnerability in the 'bttlxeForum' forum software earlier today. A remote user can gain full control over the application. You can see the original message from SAUDIDEFACERZ at: http://securitytracker.com/alerts/2003/Apr/1006632.html The vendor...
bttlxeForum login.asp Multiple Field SQL Injection
The remote host is running bttlxeForum, a set of CGIs designed to run a forum-based web server on Windows. There is a SQL injection bug in the remote server that allowed Nessus to log in as 'administrator' by supplying the password 'or id=' in a POST request. A remote attacker may use this flaw t...