EUVD-2006-2864

Malware in sbrugna...

EUVD-2005-0727

Malware in sbrugna...

CVE-2018-17037

user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3...

UBBCentral UBB.threads 6.0 Editpost.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12784/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported prone to this issue. It i...

FunkBoard 0.66 editpost.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14507/info FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...

CoolForum 0.x Editpost.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18268/info CoolForum is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...

MyBB (editpost.php, posthash) - SQL Injection Vulnerability

No description provided by source. MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = posthash='$posthash' OR ; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a post, edit the 'posthash...

MyBB editpost.php SQL Injection

MyBB...

MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection

MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection MyBB...

MyBB 1.6.9 - 'editpost.php?posthash' Blind SQL Injection

MyBB...

MyBB <1.6.9 (editpost.php, posthash) SQL Injection Vulnerability

Exploit for php platform in category web applications MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = "posthash='$posthash' OR "; === It can be done by using Tamper DataOr Live HTTP Headers, and when submitting a pos...

CVE-2010-4522

Multiple cross-site scripting XSS vulnerabilities in MyBB aka MyBulletinBoard 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 editpost.php, 2 member.php, and 3 newreply.php...

CVE-2010-4522

MyBB versions 1.4.14 and 1.6.x before 1.6.1 contain multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via editpost.php, member.php, and newreply.php. Root cause is improper input handling in those endpoints leading to stored/reflected input being executed in...

Sql injection

SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2007-4107

SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2007-4107

SQL injection vulnerability in editpost.php in phpMyForum before 4.1.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information...

CVE-2007-4107

CVE-2007-4107 describes an SQL injection in editpost.php of phpMyForum prior to 4.1.4, allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Affected software: phpMyForum (before 4.1.4). The underlying cause is an injection vulnerability in the editpost path. Report...

CVE-2006-3420

CVE-2006-3420 affects MyBulletinBoard (MyBB) prior to version 1.1.5. The issue is a cross-site request forgery (CSRF) in editpost.php that lets an attacker perform actions as a logged-in user, including deleting arbitrary forum posts, by using a bbcode IMG tag with a modified delete parameter in ...

CVE-2006-2951

Multiple cross-site scripting XSS vulnerabilities in Net Portal Dynamic System NPDS 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the 1 Titlesitename or 2 sitename parameter to a header.php, 3 nukeurl parameter to b meta/meta.php, 4 forum parameter to c...

CVE-2006-2951

CVE-2006-2951 concerns multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS)