11 matches found
EUVD-2006-1810
Malware in sbrugna...
Sql injection
SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...
CVE-2006-2034
SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...
CVE-2006-2034
SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...
CVE-2006-2034
CVE-2006-2034 describes an SQL injection in FlexBB 0.5.5, in function/showprofile.php, exploitable via the id parameter on index.php. The underlying issue is a vulnerable input handling leading to arbitrary SQL execution, with the documented impact of viewing all usernames and passwords. Connecte...
CVE-2006-1978
SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbbusername COOKIE parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the 1 ICQ, 2 AIM, 3 MSN, 4 Google Talk, 5 Website Name, 6 Website Address, 7 Email Address, 8 Location, 9 Signature, and 10 Sub-Titles fields in the user profil...
CVE-2006-1810
Multiple cross-site scripting XSS vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the 1 ICQ, 2 AIM, 3 MSN, 4 Google Talk, 5 Website Name, 6 Website Address, 7 Email Address, 8 Location, 9 Signature, and 10 Sub-Titles fields in the user profil...
CVE-2006-1811
Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...
Sql injection
Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...
CVE-2006-1811
Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...