1275 matches found
CVE-2005-2565
Gravity Board X GBX 1.1 allows remote attackers to obtain sensitive information via 1 a 1 in the perm parameter to deletethread.php or a direct request to 2 ban.php, 3 addnews.php, 4 banned.php, 5 boardstats.php, 6 adminform.php, 7 /forms/admininfo.php, 8 /forms/announcements.php, 9...
CVE-2005-2565
Gravity Board X GBX 1.1 allows remote attackers to obtain sensitive information via 1 a 1 in the perm parameter to deletethread.php or a direct request to 2 ban.php, 3 addnews.php, 4 banned.php, 5 boardstats.php, 6 adminform.php, 7 /forms/admininfo.php, 8 /forms/announcements.php, 9...
CVE-2005-2562
CVE-2005-2562 is an SQL injection vulnerability in Gravity Board X (GBX) 1.1 that allows remote attackers to bypass authentication via the login field and execute arbitrary SQL commands. Multiple connected documents corroborate injections affecting GBX 1.1, enabling credential bypass and potentia...
CVE-2005-2562
SQL injection vulnerability in Gravity Board X GBX 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the login field...
CVE-2005-2565
CVE-2005-2565 concerns Gravity Board X (GBX) 1.1. The vulnerability is an information-disclosure in which error messages from several GBX pages (e.g., deletethread.php with a perm value, ban.php, addnews.php, banned.php, boardstats.php, adminform.php, /forms/admininfo.php, /forms/announcements.ph...
gravityBad.txt
4.22 07/08/2005 Gravity Board X v1.1 possibly prior versions Remote code execution, SQL Injection / Login Bypass, cross site scripting, path disclosure poc software: author site: http://www.gravityboardx.com/ a Sql Injection / Login Bypass: A user can bypass login check and grant administrator...
Gravity Board X v1.1 multiple vulnerabilities
4.22 07/08/2005 Gravity Board X v1.1 possibly prior versions Remote code execution, SQL Injection / Login Bypass, cross site scripting, path disclosure poc software: author site: http://www.gravityboardx.com/ a Sql Injection / Login Bypass: A user can bypass login check and grant administrator...
Gravity Board X 1.1 - CSS Template Unauthorized Access
Gravity Board X 1.1 - CSS Template Unauthorized Access source: https://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to...
Gravity Board X 1.1 - Login SQL Injection
Gravity Board X 1.1 - Login SQL Injection source: https://www.securityfocus.com/bid/14497/info Gravity Board X GBX is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Gravity Board X 1.1 DeleteThread.PHP Cross-Site Scripting Vulnerability
Gravity Board X 1.1 DeleteThread.PHP Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/14499/info Gravity Board X GBX is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitiz...
Gravity Board X 1.1 - CSS Template Unauthorized Access
source: https://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An attacker can exploit this...
Gravity Board X 1.1 - Login SQL Injection
source: https://www.securityfocus.com/bid/14497/info Gravity Board X GBX is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of...
CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden share SPM2000c$ mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share...
CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden C: share (SPM2000c$) that maps to the system drive, enabling local users to bypass access restrictions on directories such as System32 via the hidden share. The sources document this behavior in the CVE-2002-0479 entry (NVD). No remediation...
CVE-2002-0479
Gravity Storm Service Pack Manager 2000 creates a hidden share SPM2000c$ mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share...