1496 matches found

Packet Storm
added 2005/02/25 12:0 a.m. | 15 views

invision131xss.txt

Description: Lack of checking in the SML codes. Exploit: Put this into any signature or post on an invision forum: COLOR=IMGhttp://aaa.aa/=aaa.jpg/IMGstyle=background:url"javascript:document.location.replace'http://www.hackthissite.org';" /color Fix: I'm not good at regexes :...

AI score: 7.4
Exploits: 0

CVE
added 2005/02/20 5:0 a.m. | 41 views

CVE-2004-1687

Snitz Forums 2000 v3.4.04 has a CRLF injection vulnerability in down.asp that enables HTTP Response Splitting via the location parameter. This remote issue can alter the server's HTML output. OpenVAS data labels it as Snitz Forums 2000 HTTP Response Splitting. No explicit remediation/patch detai...

CVSS: 5 | AI score: 6.8 | EPSS: 0.02437
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2005/02/20 5:0 a.m. | 15 views

CVE-2004-1687

CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter...

AI score: 6.8 | EPSS: 0.02437
Exploits: 1 | References: 5

CVE
added 2005/02/19 5:0 a.m. | 34 views

CVE-2004-1496

CVE-2004-1496 describes a directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack that allows remote attackers to read arbitrary files via crafted URLs containing …, ../, encoded dot-dot slash (/%2E%2E%5C, %2E%2E%2F). The NVD/NVD-derived entries confirm the affected product ...

CVSS: 5 | AI score: 7.1 | EPSS: 0.01466
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2005/02/19 5:0 a.m. | 37 views

CVE-2004-1497

Web Forums Server 1.6 and 2.0 Power Pack store passwords in plaintext in the Username.ini file, enabling local users to gain privileges. This indicates a local-privilege escalation risk due to insecure credential storage. The available sources describe the vulnerable component and impact but do n...

CVSS: 4.6 | AI score: 7 | EPSS: 0.00314
Exploits: 0 | References: 1

Cvelist
added 2005/02/19 5:0 a.m. | 12 views

CVE-2004-1496

Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash)...

AI score: 6.7 | EPSS: 0.01466
Exploits: 0 | References: 1

Cvelist
added 2005/02/19 5:0 a.m. | 17 views

CVE-2004-1497

Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges...

AI score: 6.6 | EPSS: 0.00314
Exploits: 0 | References: 1

0day.today
added 2005/02/10 12:0 a.m. | 196 views

Chipmunk Forums SQL Injection Exploit

Exploit for unknown platform in category web applications ===================================== Chipmunk Forums SQL Injection Exploit ===================================== /==========================================/ // GHC - Chipmunk forum - ADVISORY // Product: Chipmunk Forums // URL:...

AI score: 7.1
Exploits: 0

seebug.org
added 2005/02/10 12:0 a.m. | 10 views

Chipmunk Forums SQL Injection Exploit

No description provided by source. /==========================================/ // GHC - Chipmunk forum - ADVISORY // Product: Chipmunk Forums // URL: http://www.chipmunk-scripts.com/board // VULNERABILITY CLASS: SQL injection // RISK: high /==========================================/ exploit at...

AI score: 7.1
Exploits: 0

exploitpack
added 2005/02/10 12:0 a.m. | 13 views

Chipmunk Forums - SQL Injection

Chipmunk Forums - SQL Injection /==========================================/ // GHC - Chipmunk forum - ADVISORY // Product: Chipmunk Forums // URL: http://www.chipmunk-scripts.com/board // VULNERABILITY CLASS: SQL injection // RISK: high /==========================================/ exploit at...

AI score: 0.9
Exploits: 0

Exploit DB
added 2005/02/10 12:0 a.m. | 34 views

Chipmunk Forums - SQL Injection

/==========================================/ // GHC - Chipmunk forum - ADVISORY // Product: Chipmunk Forums // URL: http://www.chipmunk-scripts.com/board // VULNERABILITY CLASS: SQL injection // RISK: high /==========================================/ exploit at login.php enter user name as...

AI score: 7.4
Exploits: 0

Exploit DB
added 2005/02/08 12:0 a.m. | 36 views

PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure

source: https://www.securityfocus.com/bid/12482/info PHP-Fusion is reportedly affected by an information disclosure vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. It is reported that an attacker could leverage this vulnerability to view any...

AI score: 7.4
Exploits: 0

securityvulns
added 2005/02/08 12:0 a.m. | 35 views

php-fusion 4.x vuln

TheGreatOne2176, Reapercore I have found an error in php-fusion 4.x where you can view any thread on the forum. In fusionforum/viewthread.php the $GET variables aren't properly checked or queried, making it possible to view all threads. The example I tested was...

AI score: 1.8
Exploits: 0

securityvulns
added 2005/01/16 12:0 a.m. | 29 views

XSS in the nested BB tag in many forums

XSS was found in the nested BB tag in many forums: Invision Power Board: COLOR=IMGhttp://aaa.aa/=aaa.jpg/IMG style=background:urljavascript:alert /COLOR vBulletin EMAIL=URL=s [email protected]:[email protected] sssssss/URL/EMAIL style=background:urljavaSCrip t:alert/HifromAlgol/ using tab between...

AI score: 6.2
Exploits: 0

NVD
added 2004/12/31 5:0 a.m. | 20 views

CVE-2004-2211

Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forumid, (2) method, or (3) forumtitle parameters to post.asp, (4) the forumtitle parameter to forum.asp, or (5) the id parameter to post.asp...

CVSS: 4.3 | AI score: 5.6 | EPSS: 0.01382
Exploits: 1 | References: 6

NVD
added 2004/12/31 5:0 a.m. | 16 views

CVE-2004-2212

SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.01465
Exploits: 1 | References: 6

NVD
added 2004/12/31 5:0 a.m. | 10 views

CVE-2004-2720

Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter...

CVSS: 4.3 | AI score: 5.7 | EPSS: 0.02245
Exploits: 1 | References: 9

NVD
added 2004/12/31 5:0 a.m. | 10 views

CVE-2004-1496

Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash)...

CVSS: 5 | AI score: 6.7 | EPSS: 0.01466
Exploits: 0 | References: 1

NVD
added 2004/12/31 5:0 a.m. | 11 views

CVE-2004-1497

Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges...

CVSS: 4.6 | AI score: 6.6 | EPSS: 0.00314
Exploits: 0 | References: 1

NVD
added 2004/12/31 5:0 a.m. | 17 views

CVE-2004-2733

Web Wiz Forums 7.7a uses invalid logic to determine user privileges, which allows remote attackers to (1) block arbitrary IP addresses via popupipblocking.asp or (2) modify topics via popuptopicadmin.asp...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.01457
Exploits: 0 | References: 8