CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread...

6.8CVSS8.7AI score0.00233EPSS

Exploits2References1

CVE•added 2010/05/07 10:0 p.m.•44 views

CVE-2010-1859

DeluxeBB

6.8CVSS8.6AI score0.00233EPSS

Exploits2References2Affected Software1

CVE•added 2007/12/04 6:0 p.m.•45 views

CVE-2007-6237

cp.php in DeluxeBB 1.09 fails to verify that the membercookie matches the authenticated member during profile updates, enabling remote authenticated users to change e-mails for arbitrary accounts via a modified membercookie parameter (a different vector than CVE-2006-4078). This can be leveraged ...

9CVSS6.3AI score0.02021EPSS

Exploits0References4Affected Software1

Cvelist•added 2006/07/21 9:0 p.m.•16 views

CVE-2006-3797

SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the 1 memberpw and 2 membercookie cookies...

7.6AI score0.01111EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by