19 matches found
EUVD-2002-0325
Malware in sbrugna...
EUVD-2002-2209
Malware in sbrugna...
EUVD-2001-0076
Malware in sbrugna...
CVE-2002-2230
Cross-site scripting XSS vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328...
CVE-2004-1406
SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the 1 st or 2 keywords parameter...
CVE-2003-0770
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement...
CVE-2003-0770
FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 2 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)
source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (1)
source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data. An attacker may exploit this issue to execute arbitrary...
IkonBoard v3.1.1: arbitrary command execution
============================================================================ Vulnerable: IkonBoard 3.1.1 and probably earlier Category: Perl/CGI coding errors Impact: Arbitrary command execution Date: 1st April 2003 Vendor: The Jarvis Group Homepage: http://www.ikonboard.com/ Vendor Status: First...
CVE-2002-2230
Cross-site scripting XSS vulnerability in Ikonboard 3.1.1 allows remote attackers to inject arbitrary web script or HTML via a private message with a javascript: URL in the IMG tag, in which the URL ends in a ".gif" or ".jpg" string, a variant of CVE-2002-0328...
CVE-2002-0328
Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag...
Ikonboard v2.1.7b "show files" vulnerability
Product: Ikonboard - Version: 2.1.7b - OS: Unix, NT - Vendor: Notified, http://www.ikonboard.com -= Summary =- This is another bug in the Ikonboard. Anyone can read any file on the remote system with the privileges of the web server. -= Problem =- File: help.cgi ---L.44--- $inhelpon = $query -...
IkonBoard 2.1.7b - Remote File Disclosure
IkonBoard 2.1.7b - Remote File Disclosure source: https://www.securityfocus.com/bid/2471/info Ikonboard is a perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file,...
IkonBoard 2.1.7b - Remote File Disclosure
source: https://www.securityfocus.com/bid/2471/info Ikonboard is a perl-based discussion forum script from ikonboard.com. Versions of Ikonboard are vulnerable to remote disclosure of arbitrary files. By adding a null byte to the name of a requested file, the attacker can defeat the script's inbui...
CVE-2001-0076
register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SENDMAIL parameter, which overwrites an internal program variable that references a program to be executed...
CVE-2001-0076
register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SENDMAIL parameter, which overwrites an internal program variable that references a program to be executed...
Remote vulnerability in Ikonboard upto version 2.1.7b
Summary: -------- Ikonboard is a free forum system. Similair to UBB and UB. Versions up to and including 2.1.7b contain a vulnerability that allows commands to be executed as the script user. Therefore compromising security of the system running the board and allowing an attacker to get passwords...