Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-1861

Malware in sbrugna...

5.1CVSS6.4AI score0.01922EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-1862

Malware in sbrugna...

6.8CVSS6.4AI score0.03082EPSS
Exploits0References4
Prion
Prion
added 2008/04/17 7:5 p.m.10 views

Directory traversal

Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...

5.1CVSS7.6AI score0.01922EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2008/04/17 7:5 p.m.25 views

Remote file inclusion

ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...

6.8CVSS7AI score0.03113EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2008/04/17 7:5 p.m.14 views

CVE-2008-1861

Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...

5.1CVSS7.1AI score0.01922EPSS
Exploits1References4
NVD
NVD
added 2008/04/17 7:5 p.m.15 views

CVE-2008-1862

ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...

6.8CVSS6.5AI score0.03082EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/04/17 4:0 p.m.17 views

CVE-2008-1862

ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...

6.5AI score0.03082EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/04/17 4:0 p.m.15 views

CVE-2008-1861

Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...

7.1AI score0.01922EPSS
Exploits1References4
CVE
CVE
added 2008/04/17 4:0 p.m.56 views

CVE-2008-1862

ExBB Italia 0.22 and earlier are affected by PHP remote file inclusion vulnerabilities. The CVE-2008-1862 family describes checks on GET requests via QUERY_STRING that can be bypassed using POST or COOKIE variables, enabling RFI through URLs in the exbb[home_path] or new_exbb[home_path] parameter...

6.8CVSS6.7AI score0.03082EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/04/17 4:0 p.m.41 views

CVE-2008-1861

CVE-2008-1861 affects ExBB Italia version 0.22 and earlier. A directory traversal flaw in modules/threadstop/threadstop.php allows remote attackers to include and execute arbitrary local files via a .. in the exbb[default_lang] parameter when register_globals is enabled and magic_quotes_gpc is di...

5.1CVSS7.1AI score0.01922EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.34 views

ExBB Italia userstop.php远程文件包含漏洞

ExBB Italia是一款意大利语的论坛程序。 ExBB Italia在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 ExBB Italia的modules/userstop/userstop.php脚本没有正确验证exbbhomepath参数的输入: include$exbb'homepath'.'modules/userstop/data/userstopconf.php';...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2006/08/31 10:0 p.m.18 views

CVE-2006-4488

PHP remote file inclusion vulnerability in modules/userstop/userstop.php in ExBB Italia 0.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the exbbhomepath parameter...

7.3AI score0.03113EPSS
Exploits1References7
CVE
CVE
added 2006/08/31 10:0 p.m.48 views

CVE-2006-4488

ExBB Italia

5.1CVSS7.5AI score0.03113EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder