30 matches found
EUVD-2005-0301
Malware in sbrugna...
EUVD-2006-2110
Malware in sbrugna...
EUVD-2007-1836
Malware in sbrugna...
JSBoard 2.0.x Remote Arbitrary Script Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11983/info JSBoard is reported prone to a vulnerability that can allow a remote attacker to upload arbitrary PHP scripts to a vulnerable server. This issue results from insufficient sanitization of user-supplied input. If...
JSBoard 2.0.10/2.0.11 Login.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17778/info JSBoard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
jsboard 2.0.16 Local File Include Vulnerability
Exploit for php platform in category web applications ----------exploit Debut Local File Include Vulnerability ----------Script Info Author : JIKO ----------Script Info Site : http://kldp.net/projects/jsboard/ Version : 2.0.16 Download : http://kldp.net/frs/download.php/6058/jsboard-2.0.16.tar.gz...
Directory traversal
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019...
CVE-2007-1842
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019...
CVE-2007-1842
Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019...
CVE-2007-1842
CVE-2007-1842 affects JSBoard prior to 2.0.12. It is a directory-traversal in login.php where a .. in the table parameter enables remote attackers to include and execute local files (illustrated by PHP sequences injected into an Apache log). This is a confirmed vulnerability with potential arbitr...
JSBoard 2.0.10 (login.php table) Local File Inclusion Vulnerability
No description provided by source. !/usr/bin/perl jsboard 2.0.10login.php tableLocal File Inclusion Exploit D.Script: http://kldp.net/frs/download.php/1729/jsboard-2.0.10.tar.gz if$table && fileexists"data/$table/config.php" include "data/$table/config.php"; Discovered & Coded by : GolDM =...
JSBoard 2.0.10 (login.php table) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications =================================================================== JSBoard 2.0.10 login.php table Local File Inclusion Vulnerability =================================================================== !/usr/bin/perl jsboard 2.0.10login.ph...
aklink-sa-2006-001-jsboard-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================ ||| Security Advisory AKLINK-SA-2006-001 ||| ||| CAN-2006-2109 CVE candidate ||| ============================================ JSBoard - Cross Site Scripting Attack ===================================== Date...
Cross site scripting
Cross-site scripting XSS vulnerability in the parsequerystr function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as...
CVE-2006-2109
Cross-site scripting XSS vulnerability in the parsequerystr function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as...
CVE-2006-2109
Cross-site scripting XSS vulnerability in the parsequerystr function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as...
CVE-2006-2109
CVE-2006-2109 is a documented XSS flaw in JSBoard. The vulnerability exists in parse_query_str() within include/print.php, where CGI query variables are indiscriminately exported as global variables, enabling remote attackers to inject script via parameters (demonstrated with the login.php?table=...
JSBoard 2.0.10/2.0.11 - 'login.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17778/info JSBoard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of a...
JSBoard XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================ ||| Security Advisory AKLINK-SA-2006-001 ||| ||| CAN-2006-2109 CVE candidate ||| ============================================ JSBoard - Cross Site Scripting Attack ===================================== Date...
JSBoard 2.0.102.0.11 - login.php Cross-Site Scripting
JSBoard 2.0.102.0.11 - login.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17778/info JSBoard is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...