4 matches found
CVE-2006-4080
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote attackers to gain privileges by sniffing or cross-site scripting XSS and conduct password guessing attacks...
CVE-2006-4078
pm.php aka the PM system in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter...
CVE-2006-4078
The CVE-2006-4078 entry concerns DeluxeBB 1.08 (and possibly earlier) where pm.php (the PM system) allows remote attackers to bypass authentication by supplying an arbitrary username in the membercookie cookie parameter. This is a logic/authorization flaw in the PM component that enables access w...
CVE-2006-4080
Summary: CVE-2006-4080 affects DeluxeBB 1.08 (and possibly earlier). The issue arises from cookies that contain the MD5 hash of a password, enabling remote attackers to gain privileges via credential sniffing or cross-site scripting (XSS) and potentially conduct password guessing attacks. The pro...