13 matches found
EUVD-2006-2739
Malware in sbrugna...
EUVD-2006-2740
Malware in sbrugna...
CVE-2006-2741
Cross-site scripting XSS vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors...
Remote file inclusion
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybbfooters parameter...
CVE-2006-2740
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the 1 q parameter in a forgot.php, and the 2 username and 3 password parameters in b login.php, and other unspecified vectors...
Sql injection
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the 1 q parameter in a forgot.php, and the 2 username and 3 password parameters in b login.php, and other unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors...
CVE-2006-2740
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the 1 q parameter in a forgot.php, and the 2 username and 3 password parameters in b login.php, and other unspecified vectors...
CVE-2006-2741
Cross-site scripting XSS vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors...
CVE-2006-2739
CVE-2006-2739 is a PHP remote file inclusion vulnerability in the Epicdesigns tinyBB 0.3 package. When PHP register_globals is enabled, an attacker can cause arbitrary PHP code execution by exploiting the tinybb_footers parameter in footers.php. The public records describe the vulnerability and a...
CVE-2006-2740
CVE-2006-2740 describes SQL injection vulnerabilities in the Epicdesigns tinyBB 0.3 package. The affected components are the login flow and forgot/password recovery vectors: specifically the (1) q parameter in forgot.php and the (2) username and (3) password parameters in login.php, plus other un...
CVE-2006-2741
CVE-2006-2741 concerns an XSS vulnerability in Epicdesigns tinyBB 0.3. The description specifies that remote attackers can inject arbitrary script or HTML via the q parameter in forgot.php, which is echoed in an error message, and notes other unspecified vectors. The affected software is tinyBB 0...
Advisory: tinyBB <= 0.3 Multiple Remote Vulnerabilities.
--Security Report-- Advisory: tinyBB = 0.3 Multiple Remote Vulnerabilities. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 27/05/06 05:37 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: Epicdesigns http://www.epicdesigns.co.uk/...