1275 matches found
CVE-2008-2996
Multiple SQL injection vulnerabilities in index.php in Gravity Board X GBX 2.0 Beta, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchquery parameter in a getsearch action, and the 2 boardid parameter in a viewboard action...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Gravity Board X GBX 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit aka create new thread action...
CVE-2008-2997
CVE-2008-2997 : XSS vulnerability in Gravity Board X (GBX) 2.0 Beta. In GBX’s index.php, the subject parameter in the postnewsubmit (create new thread) action can be exploited to inject arbitrary script/HTML. This remote vector could affect users who submit a thread, with the impact described as ...
CVE-2008-2996
Multiple SQL injection vulnerabilities in index.php in Gravity Board X GBX 2.0 Beta, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 searchquery parameter in a getsearch action, and the 2 boardid parameter in a viewboard action...
CVE-2008-2997
Cross-site scripting XSS vulnerability in index.php in Gravity Board X GBX 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit aka create new thread action...
CVE-2008-2996
GBX 2.0 Beta (Gravity Board X) has multiple SQL injection vulnerabilities in index.php. Specifically, two parameters are exploitable: searchquery in getsearch and board_id in viewboard, and these issues occur when magic_quotes_gpc is disabled. The CVE-2008-2996 entry documents remote execution of...
Gravity Board X 2.0 Beta (SQL/XSS) Multiple Remote Vulnerabilities
No description provided by source. ==================================================================== Gravity Board X 2.0 Beta SQL/XSS Multiple Remote Vulnerabilities ==================================================================== ,--^----------,--------,-----,-------^--, | |||||||||...
gravity-sqlxss.txt
==================================================================== Gravity Board X 2.0 Beta SQL/XSS Multiple Remote Vulnerabilities ==================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking...
Gravity Board X 2.0 Beta (SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== Gravity Board X 2.0 Beta SQL/XSS Multiple Remote Vulnerabilities ================================================================== ,--^----------,--------,-----,-------^--...
Gravity Board X 2.0 Beta - SQL Injection Cross-Site Scripting
Gravity Board X 2.0 Beta - SQL Injection Cross-Site Scripting ==================================================================== Gravity Board X 2.0 Beta SQL/XSS Multiple Remote Vulnerabilities ====================================================================...
Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting
==================================================================== Gravity Board X 2.0 Beta SQL/XSS Multiple Remote Vulnerabilities ==================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking...
Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================= Gravity Board X new or die; $res = $gr-get$path.'editcss.php?csscontent='; if$res-asstring = /unable to save changes/ print "Forum unable to save changes in css template...
Gravity Board X 1.1 - csscontent Remote Code Execution
Gravity Board X 1.1 - csscontent Remote Code Execution !/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGVnew or die; $res =...
Gravity Board X <= 1.1 (csscontent) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGV1 exit0; $path = $ARGV0; header; print "Creating shell... Please wait\n"; $...
Gravity Board X 1.1 - 'csscontent' Remote Code Execution
!/usr/bin/perl Gravity Board X v1.1 possibly prior versions remote code execution exploit coded by 1dt.w0lf 14.08.2005 RST/GHC http://rst.void.ru http://ghc.ru use LWP::UserAgent; if@ARGVnew or die; $res = $gr-get$path.'editcss.php?csscontent='; if$res-asstring = /unable to save changes/ print...
CVE-2005-2563
CVE-2005-2563 involves multiple XSS vulnerabilities in Gravity Board X (GBX) 1.1. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the board_id parameter to deletethread.php and (2) the template. The cited sources describe the affected software and the two attack ve...
CVE-2005-2562
SQL injection vulnerability in Gravity Board X GBX 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the login field...
CVE-2005-2563
Multiple cross-site scripting XSS vulnerabilities in Gravity Board X GBX 1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the boardid parameter to deletethread.php or 2 the template...
CVE-2005-2563
Multiple cross-site scripting XSS vulnerabilities in Gravity Board X GBX 1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the boardid parameter to deletethread.php or 2 the template...
CVE-2005-2564
Direct static code injection vulnerability in editcss.php in Gravity Board X GBX 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file...