basket-forum.pl XSS vulnerability

Open Bug Bounty ID: OBB-716410 Description| Value ---|--- Affected Website:| basket-forum.pl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden...

CVE-2005-1354

The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument...

CVE-2005-1353

The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument...

CVE-2005-1353

The CVE-2005-1353 issue affects the forum.pl script, where remote attackers can cause the system to read arbitrary files by supplying a full pathname as an argument. This is the explicit vulnerability described in the CVE record and corroborated by NVD entries. The available data provide a CVSSv2...

CVE-2005-1354

The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument...

remote command execution in forum.pl script

Tunis 24/04/2005 BUG found by fireboy [email protected] THERE ARE SOME BUGS IN forum.pl SCRIPT THAT CAN SHOW SENSILBLES FILES IN A SYSTEM OR EXECUTE COMMANDS IN THE TARGET HOST WICH CAN COMPROMISE IT. IT IS ONLY FOR SECURITY AND EDUCATIONAL PURPOSE 1file showing...