Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-2912

Malware in sbrugna...

5.1CVSS6.4AI score0.01562EPSS
Exploits1References12
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

DeluxeBB <= 1.06 (name) Remote SQL Injection Exploit (mq=off)

No description provided by source. !/usr/bin/perl use IO::Socket; print q DeluxeBB 1.06 Remote SQL Injection Exploit exploit discovered and coded by KingOfSka http://contropotere.netsons.org ; if !$ARGV2 print q Usage: perl dbbxpl.pl host /directory/ victimuserid perl dbbxpl.pl www.somesite.com...

7.1AI score
Exploits0
CVE
CVE
added 2006/09/06 12:0 a.m.47 views

CVE-2006-4558

DeluxeBB 1.06 and earlier running on Apache with mod_mime is vulnerable. The flaw in newpost.php’s newthread action allows remote attackers to upload files with double extensions via the fileupload parameter, enabling arbitrary PHP code execution. Affected: DeluxeBB 1.06 and earlier. Evidence fro...

7.5CVSS8AI score0.0416EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/06/23 8:0 p.m.51 views

CVE-2006-2915

Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote attackers to execute arbitrary SQL commands via the 1 hideemail, 2 languagex, 3 xthetimeoffset, and 4 xthetimeformat parameters during account registration...

8.4AI score0.01562EPSS
Exploits1References10
Prion
Prion
added 2006/06/23 7:6 p.m.12 views

Remote file inclusion

PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to 1 postreply.php, 2 posting.php, 3 and pm/newpm.php in the deluxe/ directory, and 4 postreply.php, 5 posting.php, and 6 pm/newpm.php in the defaul...

5.1CVSS8.6AI score0.20301EPSS
Exploits2References15Affected Software1
NVD
NVD
added 2006/06/23 7:6 p.m.12 views

CVE-2006-2914

PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to 1 postreply.php, 2 posting.php, 3 and pm/newpm.php in the deluxe/ directory, and 4 postreply.php, 5 posting.php, and 6 pm/newpm.php in the defaul...

5.1CVSS7.6AI score0.20301EPSS
Exploits2References15
Cvelist
Cvelist
added 2006/06/23 7:0 p.m.34 views

CVE-2006-2914

PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to 1 postreply.php, 2 posting.php, 3 and pm/newpm.php in the deluxe/ directory, and 4 postreply.php, 5 posting.php, and 6 pm/newpm.php in the defaul...

7.6AI score0.20301EPSS
Exploits2References15
CVE
CVE
added 2006/06/23 7:0 p.m.52 views

CVE-2006-2914

CVE-2006-2914 concerns DeluxeBB 1.06 with a remote file inclusion flaw. Secunia and Secunia-derived documents describe an vulnerability where input passed to the templatefolder parameter in several scripts (deluxe/postreply.php, deluxe/posting.php, deluxe/pm/newpm.php and corresponding default/ v...

5.1CVSS7.7AI score0.20301EPSS
Exploits2References15Affected Software1
Exploit DB
Exploit DB
added 2006/06/15 12:0 a.m.43 views

DeluxeBB 1.06 - &#039;templatefolder&#039; Remote File Inclusion

Secunia Research has discovered some vulnerabilities in DeluxeBB, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. 1 Input passed to the "templatefolder" parameter in various scripts isn't properly verified, before it is used to inclu...

7.4AI score
Exploits0
NVD
NVD
added 2006/05/22 7:2 p.m.21 views

CVE-2006-2503

SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter...

7.5CVSS8.1AI score0.01291EPSS
Exploits1References7
Prion
Prion
added 2006/05/22 7:2 p.m.17 views

Sql injection

SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter...

7.5CVSS8.7AI score0.01291EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/05/22 7:0 p.m.24 views

CVE-2006-2503

SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter...

8.1AI score0.01291EPSS
Exploits1References7
CVE
CVE
added 2006/05/22 7:0 p.m.53 views

CVE-2006-2503

The CVE-2006-2503 entry documents a SQL injection in DeluxeBB (version 1.06) affecting misc.php, exploitable remotely via the name parameter to execute arbitrary SQL commands. The NVD metrics indicate a high impact with CVSS v2 base score 7.5, attack vector NETWORK, attack complexity LOW, authent...

7.5CVSS8.2AI score0.01291EPSS
Exploits1References7Affected Software1
Exploit DB
Exploit DB
added 2006/05/15 12:0 a.m.40 views

DeluxeBB 1.06 - &#039;name&#039; SQL Injection (mq=off)

!/usr/bin/perl use IO::Socket; print q DeluxeBB 1.06 Remote SQL Injection Exploit exploit discovered and coded by KingOfSka http://contropotere.netsons.org ; if !$ARGV2 print q Usage: perl dbbxpl.pl host /directory/ victimuserid perl dbbxpl.pl www.somesite.com /forum/ 1 ; $server = $ARGV0; $dir =...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/05/15 12:0 a.m.16 views

DeluxeBB &lt;= 1.06 (name) Remote SQL Injection Exploit (mq=off)

No description provided by source. !/usr/bin/perl use IO::Socket; print q DeluxeBB 1.06 Remote SQL Injection Exploit exploit discovered and coded by KingOfSka http://contropotere.netsons.org ; if !$ARGV2 print q Usage: perl dbbxpl.pl host /directory/ victimuserid perl dbbxpl.pl www.somesite.com...

7.1AI score
Exploits0
Rows per page
Query Builder