CVE-2005-4030

CVE-2005-4030 affects Quicksilver Forums prior to version 1.5.1. The vulnerability is a SQL injection in the HTTP_USER_AGENT header that allows remote attackers to modify or retrieve data by injecting arbitrary SQL commands. The description and related records confirm a remote, unauthenticated im...

CVE-2005-4030

SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows remote attackers to execute arbitrary SQL commands via the HTTPUSERAGENT header...

CVE-2003-1244

CVE-2003-1244 affects phpBB 2.0, 2.0.1 and 2.0.2 via a SQL injection in page_header.php triggered by the forum_id parameter to index.php. The underlying issue is improper handling of the forum_id value, enabling an attacker to brute-force user passwords and potentially gain unauthorized access to...

Pearl Forums 2.0 - 'index.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/15425/info Pearl Forums is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise...

Pearl Forums 2.0 - index.php Local File Inclusion

Pearl Forums 2.0 - index.php Local File Inclusion source: https://www.securityfocus.com/bid/15433/info Pearl Forums is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

Pearl Forums 2.0 - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/15433/info Pearl Forums is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to disclose sensitive information. This may help with...

xmbforums.txt

Hello This is Xss in the old versions and html injection in the new versions of xmb forums .. Discovered By : HACKERS PAL injected file u2u.php as the below u2u.php?action=send&username=|Html Injection OR XSS Thanks ,,...

Xss - Html injection in XMB

Hello This is Xss in the old versions and html injection in the new versions of xmb forums .. Discovered By : HACKERS PAL injected file u2u.php as the below u2u.php?action=send&username=|Html Injection OR XSS Thanks ,,...

Snitz Forums 2000 SQL injection

The remote host is using Snitz Forum 2000 This version allow an attacker to execute stored procedures and non-interactive operating system commands on the system. The problem stems from the fact that the 'Email' variable in the register.asp module fails to properly validate and strip out maliciou...

Snitz Forums 2000 HTTP Response Splitting

The remote host is using Snitz Forums 2000 - an ASP based forum/bbs. There is a bug in this software which makes it vulnerable to HTTP response splitting vulnerability. SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright...

Snitz Forums 2000 SQL injection

The remote host is using Snitz Forum 2000 which allows an attacker to execute stored procedures and non-interactive operating system commands on the system. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

[SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting Vulnerability

TITLE: Snitz Forums 2000 "post.asp" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA17385 VERIFY ADVISORY: http://secunia.com/advisories/17385/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Snitz Forums 2000 3.4.x http://secunia.com/product/1483/...

CVE-2005-3411

Cross-site scripting XSS vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method...

CVE-2005-3411

CVE-2005-3411 concerns a cross-site scripting (XSS) vulnerability in Snitz Forums 2000, specifically in the post.asp script used to render Topic content. The vulnerability arises from unsanitized handling of the Type parameter when generating dynamic content, enabling an attacker to inject arbitr...

CVE-2005-3411

Cross-site scripting XSS vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method...

[Full-disclosure] HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability

------------------------------------------------------ HYSA-2005-009 h4cky0u.org Advisory 009 ------------------------------------------------------ Date - Tue Nov 1 2005 TITLE: ====== Elite Forum 1.0.0.0 XSS Vulnerability SEVERITY: ========= Medium SOFTWARE: ========= Elite Forum 1.0.0.0 INFO:...

Splatt Forums < 4.0 Unspecified Authentication Bypass

Binary data 3264.prm...

AlstraSoft E-Friends Remote Command Exucetion

AlstraSoft E-Friends Remote command exucetion Site : http://www.alstrasoft.com/efriends.htm Description : AlstraSoft E-Friends is an online social networking software that allows you to start your own site just like Friendster and Tribe.net. The E-Friends software allows members to connect to...

efriends.txt

AlstraSoft E-Friends Remote command exucetion Site : http://www.alstrasoft.com/efriends.htm Description : AlstraSoft E-Friends is an online social networking software that allows you to start your own site just like Friendster and Tribe.net. The E-Friends software allows members to connect to...

CVE-2005-2805

forumpost.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number...