advisory-481.txt

KAPDA New advisory Vendor: http://www.flexbb.net Vulnerable Version: 1.0.0 10005 Beta Release 1 Bug: SQL Injection Exploitation: Remote with browser Description: -------------------- Flexbb is a freely available PHP-based message board program that uses a MySQL database. Vulnerability:...

Sql injection

SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbblangid COOKIE parameter to index.php...

CVE-2007-1729

SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbblangid COOKIE parameter to index.php...

CVE-2007-1729

SQL injection vulnerability in includes/start.php in Flexbb 1.0.0 10005 Beta Release 1 allows remote attackers to execute arbitrary SQL commands via the flexbblangid COOKIE parameter to index.php...

CVE-2007-1729

CVE-2007-1729 is a SQL injection vulnerability affecting FlexBB 1.0.0 10005 Beta Release 1. It allows remote attackers to modify the backend via the flexbb_lang_id COOKIE parameter sent to index.php, potentially enabling arbitrary SQL execution. The affected component is in includes/start.php. Th...

[KAPDA::#64] - Flexbb Sql Injection

KAPDA New advisory Vendor: http://www.flexbb.net Vulnerable Version: 1.0.0 10005 Beta Release 1 Bug: SQL Injection Exploitation: Remote with browser Description: -------------------- Flexbb is a freely available PHP-based message board program that uses a MySQL database. Vulnerability:...

FlexBB-0.5.5.xpl.txt

!/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm. www.vic.com $path :- FlexBB Dir On Server | ex...

FlexBB0.5.5.pl.txt

!/usr/bin/perl use IO::Socket; FlexBB Exploit function/showprofile.php Remote SQL Injection 1- First Do Login 2- View This Link :D index.php?page=showprofile&id=-1' UNION ALL SELECT%201,username,3,4,5,6,7,8,9,0,1,2,3,password,5,6,7,8,9,0,1,2,3,4,3,4,5,7,8 FROM flexbbusers WHERE id=1/...

CVE-2006-2034

SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...

Sql injection

SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...

CVE-2006-2034

SQL injection vulnerability in function/showprofile.php in FlexBB 0.5.5 allows remote attackers to execute arbitrary SQL commands, and view all usernames and passwords, via the id parameter to the showprofile page in index.php...

CVE-2006-2034

CVE-2006-2034 describes an SQL injection in FlexBB 0.5.5, in function/showprofile.php, exploitable via the id parameter on index.php. The underlying issue is a vulnerable input handling leading to arbitrary SQL execution, with the documented impact of viewing all usernames and passwords. Connecte...

FlexBB <= 0.5.5 (function/showprofile.php) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ FlexBB new...

FlexBB 0.5.5 - functionshowprofile.php SQL Injection

FlexBB 0.5.5 - functionshowprofile.php SQL Injection !/usr/bin/perl use IO::Socket; FlexBB Exploit function/showprofile.php Remote SQL Injection 1- First Do Login 2- View This Link :D index.php?page=showprofile&id=-1' UNION ALL...

FlexBB &lt;= 0.5.5 (function/showprofile.php) SQL Injection Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; FlexBB Exploit function/showprofile.php Remote SQL Injection 1- First Do Login 2- View This Link :D index.php?page=showprofile&id=-1' UNION ALL SELECT%201,username,3,4,5,6,7,8,9,0,1,2,3,password,5,6,7,8,9,0,1,2,3,4,3,4,5,7,8 FROM...

FlexBB 0.5.5 - &#039;/function/showprofile.php&#039; SQL Injection

!/usr/bin/perl use IO::Socket; FlexBB Exploit function/showprofile.php Remote SQL Injection 1- First Do Login 2- View This Link :D index.php?page=showprofile&id=-1' UNION ALL SELECT%201,username,3,4,5,6,7,8,9,0,1,2,3,password,5,6,7,8,9,0,1,2,3,4,3,4,5,7,8 FROM flexbbusers WHERE id=1/...

CVE-2006-1978

SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbbusername COOKIE parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 message parameters...

Sql injection

SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbbusername COOKIE parameter...

CVE-2006-1977

Cross-site scripting XSS vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 message parameters...