2 matches found
phpBB viewtopic.php highlight parameter vulnerability
Added: 12/28/2005 CVE: CVE-2005-2086 BID: 14086 OSVDB: 17613 Background phpBB is an open-source bulletin board package written in PHP. Problem This is a variant of an older vulnerability which allows remote command execution by requesting viewtopic.php with a specially crafted highlight parameter...
BasiliX Message Content Script Injection Vulnerability
The remote web server contains PHP scripts that are prone to cross-site scripting attacks. Description : The remote host appears to be running a BasiliX version 1.1.0 or lower. Such versions are vulnerable to cross-scripting attacks since they do not filter HTML tags when showing a message. As a...