Lucene search
K

96 matches found

NVD
NVD
added 2006/07/18 3:47 p.m.11 views

CVE-2006-3662

SQL injection vulnerability in index.php in ATutor 1.5.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter. NOTE: this issue has been disputed by the vendor, who states "The mentioned SQL injection vulnerability is not possible." However, the relevant source code...

7.5CVSS8.4AI score0.01226EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2006/07/17 12:0 a.m.6 views

PT-2006-4529 · Atutor · Atutor

Name of the Vulnerable Software and Affected Versions: ATutor version 1.5.3 Description: A SQL injection issue in index.php allows remote attackers to execute arbitrary SQL commands via the fid parameter. The vendor has disputed this issue, stating it is not possible, but the source code suggests...

7.5CVSS9.2AI score0.01226EPSS
Exploits1References10
Prion
Prion
added 2006/04/29 10:2 a.m.28 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Devsyn Open Bulletin Board OpenBB 1.0.6 allow remote attackers to inject arbitrary web script or HTML via 1 the FID parameter in board.php and 2 the TID parameter in read.php. NOTE: the SQL injection issues are already covered by CVE-2005-1612...

4.3CVSS7AI score0.02159EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2006/04/29 10:0 a.m.23 views

CVE-2006-2088

Multiple cross-site scripting XSS vulnerabilities in Devsyn Open Bulletin Board OpenBB 1.0.6 allow remote attackers to inject arbitrary web script or HTML via 1 the FID parameter in board.php and 2 the TID parameter in read.php. NOTE: the SQL injection issues are already covered by CVE-2005-1612...

6.5AI score0.01057EPSS
Exploits0References3
Prion
Prion
added 2006/04/01 12:4 a.m.28 views

Sql injection

SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action...

5CVSS8.6AI score0.0125EPSS
Exploits0References7Affected Software1
Prion
Prion
added 2006/03/06 8:6 p.m.15 views

Sql injection

SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter...

5CVSS9.1AI score0.01347EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2006/03/06 8:6 p.m.14 views

CVE-2006-1001

SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter...

5CVSS8.4AI score0.01347EPSS
Exploits1References6
CVE
CVE
added 2006/03/06 8:0 p.m.45 views

CVE-2006-1001

CVE-2006-1001 refers to an SQL injection vulnerability in the board module of LanSuite LanParty Intranet System, affecting versions 2.0.6 and 2.1.0 beta. The underlying issue arises from improper handling of the fid parameter, allowing remote attackers to execute arbitrary SQL commands. The vulne...

5CVSS8.4AI score0.01347EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/11/19 1:0 a.m.51 views

CVE-2005-3689

CVE-2005-3689 affects XMB Forum 1.9.2, specifically the post.php file. The vulnerability occurs when processing a newthread action with an invalid fid parameter, enabling remote attackers to disclose the installation path. This is evidenced by multiple connected documents citing: post.php in XMB ...

5CVSS7AI score0.02563EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/09/02 4:0 a.m.52 views

CVE-2005-2778

The CVE-2005-2778 entry details a SQL injection in MyBulletinBoard (MyBB), specifically in member.php through the fid parameter. A remote attacker can craft input via fid to execute arbitrary SQL statements, with network access and no authentication required (low attack complexity). Affected soft...

7.5CVSS8.2AI score0.01212EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2005/08/16 4:0 a.m.44 views

CVE-2005-2566

Open Bulletin Board (OpenBB) contains multiple SQL injection vulnerabilities in board.php (FID parameter) and member.php (UID parameter). The affected components are the OpenBB web application’s old board and member handlers, enabling remote attackers to execute arbitrary SQL commands. The CVE-20...

7.5CVSS8.5AI score0.01124EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/07/19 4:0 a.m.16 views

CVE-2005-2299

Multiple cross-site scripting XSS vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 FID parameter to forum.cfm, 2 UID parameter to user.cfm, 3 TID parameter to thread.cfm, or 4 PostDate parameter to search.cfm...

5.8AI score0.01382EPSS
Exploits1References6
NVD
NVD
added 2005/07/19 4:0 a.m.11 views

CVE-2005-2299

Multiple cross-site scripting XSS vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 FID parameter to forum.cfm, 2 UID parameter to user.cfm, 3 TID parameter to thread.cfm, or 4 PostDate parameter to search.cfm...

4.3CVSS5.8AI score0.01382EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2003-1176

postmessageform.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID forum ID parameter...

6.6AI score0.07175EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2004-1966

Multiple SQL injection vulnerabilities in Open Bulletin Board OpenBB 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 FID parameter in board.php, 2 sortorder, perpage, or id parameters in member.php, 3 forums parameter in search.php, or 4 PID or FID parameters ...

8.5AI score0.01337EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2146

CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp...

5CVSS6.8AI score0.01252EPSS
Exploits1References4
Rows per page
Query Builder