59 matches found
EUVD-2001-0359
Malware in sbrugna...
EUVD-2001-0076
Malware in sbrugna...
EUVD-2004-1403
Malware in sbrugna...
EUVD-2002-0325
Malware in sbrugna...
EUVD-2002-2209
Malware in sbrugna...
EUVD-2002-2210
Malware in sbrugna...
EUVD-2001-0824
Malware in sbrugna...
CVE-2002-2230
Cross-site scripting XSS vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328...
IkonBoard 3.1 Lang Cookie Arbitrary Command Execution Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit...
IkonBoard 3.1 Lang Cookie Arbitrary Command Execution Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit...
Ikonboard 2.17/3.0/3.1 Image Tag Cross-Agent Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4182/info Ikonboard is a Web Bulletin Board Service BBS software package written in Perl which runs on Unix and Linux variants. Ikonboard allows users to include images in forum messages using image tags, with the followi...
Ikonboard 2.1.7 b Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2471/info Ikonboard is a perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file, the...
Ikonboard 3.x Multiple Remote SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/11982/info Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An...
CVE-2002-2230
CVE-2002-2230 describes an XSS vulnerability in Ikonboard 3.1.1 where remote attackers can inject arbitrary script via a private message containing a javascript: URL in an IMG tag, with the URL ending in ".gif" or ".jpg". The connected Red Hat CVE entry confirms this issue as a cross-site scripti...
CVE-2002-2230
Cross-site scripting XSS vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328...
CVE-2002-2231
Cross-site scripting XSS vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via 1 a javascript: URL in a photo URL or 2 an X-Forwarded-For: header...
CVE-2002-2231
The CVE-2002-2231 entry describes a Cross-site scripting (XSS) vulnerability in Ikonboard 3.1.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML through (1) a javascript: URL in a photo URL and (2) an X-Forwarded-For header. The provided documents confirm affected...
CVE-2004-1406
CVE-2004-1406 affects IkonBoard 3.1.0–3.1.3. The issue is an input sanitization flaw in ikonboard.cgi, where the variables (st) and (keywords) are vulnerable, allowing remote attackers to inject arbitrary SQL commands. This is a remote, network‑based vulnerability with low complexity and no authe...
CVE-2004-1406
SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the 1 st or 2 keywords parameter...
CVE-2004-1406
SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the 1 st or 2 keywords parameter...