54 matches found
EUVD-2004-2643
Malware in sbrugna...
EUVD-2008-2020
Malware in sbrugna...
EUVD-2008-2021
Malware in sbrugna...
EUVD-2006-0147
Malware in sbrugna...
EUVD-2008-0446
Malware in sbrugna...
EUVD-2004-2138
Malware in sbrugna...
EUVD-2004-2137
Malware in sbrugna...
CVE-2004-2653
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving 1 admin/userlevelmembers-edit.asp and 2 admin/edit-groups.asp...
MegaBBS 1.5.14b 'upload.asp' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27368/info MegaBBS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
PD9 Software MegaBBS 2.0/2.1 ladder-log.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection...
PD9 Software MegaBBS 2.0/2.1 thread-post.asp Multiple Header CRLF Injection
No description provided by source. source: http://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection...
megabbs forum 2.2 (sql/xss) Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: MegaBBS Forum Multiple Vulnerabilities. Vendor: http://www.pd9soft.com/ Vulnerable Version: 2.2 Exploit: Available Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index.php?/37 1. Descriptio...
PD9 Software MegaBBS 2.0/2.1 view-profile.asp Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/11253/info MegaBBS is reported prone to multiple vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data and may allow an attacker to carry out HTTP response splitting and SQL injection...
Cross site scripting
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...
CVE-2008-2022
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...
Sql injection
Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the 1 invisible and 2 timeoffset parameters to profile/controlpanel.asp and the 3 attachmentid parameter to forums/attach-file.asp...
CVE-2008-2023
Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the 1 invisible and 2 timeoffset parameters to profile/controlpanel.asp and the 3 attachmentid parameter to forums/attach-file.asp...
CVE-2008-2022
The CVE-2008-2022 entry describes multiple XSS vulnerabilities in PD9 Software MegaBBS 2.2. Affected component paths include send-private-message.asp (via the toid parameter) and admin/impersonate.asp (via the redirect parameter); the second vector requires authentication. The vulnerabilities all...
CVE-2008-2023
CVE-2008-2023 affects PD9 Software MegaBBS 2.2. The vulnerability is a set of SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the following parameters: (1) invisible and (2) timeoffset in profile/controlpanel.asp, and (3) attachmentid in forums/attach-file.as...
CVE-2008-2022
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...