CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-12976

Malware in sbrugna...

9.8CVSS9.2AI score0.00264EPSS

Exploits1References2

Prion•added 2020/12/14 9:15 p.m.•8 views

Sql injection

SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php...

7.5CVSS9.7AI score0.00264EPSS

Exploits1References1Affected Software1

CVE•added 2020/12/14 8:38 p.m.•32 views

CVE-2020-20189

CVE-2020-20189 is a SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php. The affected component is NewPK 1.1 and the root cause is improper input handling in the title field, enabling SQL statements to be executed against the database. CVSS scores on the entry ar...

9.8CVSS9.7AI score0.00264EPSS

Exploits1References1Affected Software1

seebug.org•added 2014/07/01 12:0 a.m.•20 views

DeluxeBB 1.0 newpost.php fid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...

7.1AI score

Exploits0

Cvelist•added 2011/12/24 7:0 p.m.•11 views

CVE-2011-3838

Multiple SQL injection vulnerabilities in Wuzly 2.0 allow remote attackers to execute arbitrary SQL commands via the 1 u parameter to fp.php, 2 epage parameter to newpage.php, 3 epost parameter to newpost.php, and 4 username parameter to login.php in admin/; or the 5 username parameter to...

8.5AI score0.00836EPSS

Exploits0References8

Prion•added 2010/05/07 11:0 p.m.•8 views

Sql injection

SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the membercookie cookie when adding a new thread...

6.8CVSS9AI score0.00233EPSS

Exploits2References2Affected Software1

Positive Technologies•added 2006/09/06 12:0 a.m.•1 views

PT-2006-5351 · Deluxebb +1 · Deluxebb +1

Name of the Vulnerable Software and Affected Versions: DeluxeBB versions 1.06 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php, specifically when run...

7.5CVSS7.7AI score0.09018EPSS

Exploits1References9

NVD•added 2006/08/11 1:4 a.m.•10 views

CVE-2006-4079

Cross-site scripting XSS vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the subject parameter aka the topic title field...

6.8CVSS5.8AI score0.0124EPSS

Exploits0References5

exploitpack•added 2005/09/15 12:0 a.m.•15 views

DeluxeBB 1.0 - newpost.php SQL Injection

DeluxeBB 1.0 - newpost.php SQL Injection source: https://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result i...

8.7AI score

Exploits0

Exploit DB•added 2005/09/15 12:0 a.m.•25 views

DeluxeBB 1.0 - 'newpost.php' SQL Injection

source: https://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a compromise of the application,...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by