CVE-2006-1977

Cross-site scripting XSS vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 message parameters...

CVE-2006-1977

CVE-2006-1977 is a cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earlier. The issue allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) message parameters. The NVD entry lists a base score of 5.8 (MEDIUM) with CVSS2 characteristics: AV:N/AC:...

CVE-2006-1978

SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbbusername COOKIE parameter...

CVE-2006-1978

The vulnerability CVE-2006-1978 affects FlexBB 0.5.5 and earlier, due to an SQL injection in inc/start.php. An attacker can manipulate the flexbb_username cookie to execute arbitrary SQL commands on the backend. This is a remote attack with no authentication required, and the impact includes pote...

CVE-2006-1810

Multiple cross-site scripting XSS vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the 1 ICQ, 2 AIM, 3 MSN, 4 Google Talk, 5 Website Name, 6 Website Address, 7 Email Address, 8 Location, 9 Signature, and 10 Sub-Titles fields in the user profil...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the 1 ICQ, 2 AIM, 3 MSN, 4 Google Talk, 5 Website Name, 6 Website Address, 7 Email Address, 8 Location, 9 Signature, and 10 Sub-Titles fields in the user profil...

Sql injection

Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...

CVE-2006-1811

Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...

CVE-2006-1811

CVE-2006-1811 describes multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA. The flaws allow remote attackers to execute arbitrary SQL commands through input fields passed to index.php, specifically the parameters: (1) id, (2) forumid, (3) threadid; and/or profile fields (4) ICQ, (5) AIM,...

CVE-2006-1810

CVE-2006-1810 involves multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA . The affected component is the user profile handling, with attacker-controlled inputs in fields such as ICQ, AIM, MSN, Google Talk, Website Name, Website Address, Email Address, Location, Signature, a...

CVE-2006-1811

Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the 1 id, 2 forumid, or 3 threadid parameter to index.php; the 4 ICQ, 5 AIM, 6 MSN, 7 Google Talk, 8 Website Name, 9 Website Address, 10 Email Address, 11 Location, 12 Signatur...

CVE-2006-1810

Multiple cross-site scripting XSS vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the 1 ICQ, 2 AIM, 3 MSN, 4 Google Talk, 5 Website Name, 6 Website Address, 7 Email Address, 8 Location, 9 Signature, and 10 Sub-Titles fields in the user profil...

FlexBB 0.5.5 - incstart.php?_COOKIE SQL Bypass

FlexBB 0.5.5 - incstart.php?COOKIE SQL Bypass !/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm...

FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass]

App: FlexBB v0.5.5 BETA Advistory by: p0w3r - curse-crew.de SQL Inj: magicquotesgpc = off /index.php?page=showprofile&id=1'SQL/ /index.php?page=forums&forumid=1'SQL/ /index.php?page=viewthread&threadid=1'SQL/ /index.php?page=editpost&threadid=1'SQL/ Login bypass: magicquotesgpc = off Nick: Admin'...

FlexBB <= 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit

Exploit for unknown platform in category web applications ================================================================== FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path =...

FlexBB 0.5.5 - &#039;/inc/start.php?_COOKIE&#039; SQL Bypass

!/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm. www.vic.com $path :- FlexBB Dir On Server | ex...

FlexBB &lt;= 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit

No description provided by source. !/usr/bin/perl -w FlexBB = 0.5.5 /inc/start.php COOKIE Remote SQL ByPass Exploit , Perl C0d3 Milw0rm ID :- http://www.milw0rm.com/auth.php?id=1539 D3vil-0x1 | Devil-00 BlackHat : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO...

FlexBB &lt;= 0.5.7 BETA XSS

FlexBB = 0.5.7 BETA XSS Start a new thread and type this in the thread name field box :- scriptalertdocument.cookie/script Or post a reply to any topic and include this in your reply :- scriptalertdocument.cookie/script Found By: Qex...