Lucene search
K

100 matches found

CVE
CVE
added 2005/05/10 4:0 a.m.49 views

CVE-2004-1967

Open Bulletin Board (OpenBB) 1.0.6 and earlier contains CSRF vulnerabilities in cp_forums.php, cp_usergroup.php, cp_ipbans.php, myhome.php, post.php, and moderator.php that allow remote attackers to execute arbitrary code by including code in an image tag or a link. The PT-2004-2864 entry confirm...

8.8CVSS8.3AI score0.01635EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/05/10 4:0 a.m.53 views

CVE-2004-1966

Open Bulletin Board (OpenBB) 1.0.6 and earlier contains multiple SQL injection flaws allowing remote SQL command execution via parameters: FID in board.php; sortorder, perpage, or id in member.php; forums in search.php; and PID or FID in post.php. Root cause is unvalidated input in these endpoint...

7.5CVSS9AI score0.01337EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2005/05/10 4:0 a.m.38 views

CVE-2004-1969

The CVE-2004-1969 entry concerns Open Bulletin Board (OpenBB)

7.5CVSS7.5AI score0.01549EPSS
Exploits0References5
CVE
CVE
added 2005/05/10 4:0 a.m.95 views

CVE-2004-1965

OpenBB/Open Bulletin Board (v1.0.6 and earlier) exposes XSS via four vectors: (1) redirect in member.php, (2) to parameter in myhome.php, (3) TID parameter in post.php, and (4) redirect in index.php. The connected nuclei template confirms OpenBB 1.0.6 as vulnerable to open redirect/XSS with these...

4.3CVSS5.8AI score0.08442EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2004/09/27 12:0 a.m.51 views

OpenBB board.php FID Parameter XSS

The remote host seems to be running OpenBB, a forum management system written in PHP. The remote version of this software is vulnerable to cross-site scripting attacks, through the script 'board.php'. Using a specially crafted URL, an attacker can cause arbitrary code execution for third-party...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.7 views

OpenBB Multiple SQL Injection

Binary data 1557.prm...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2004/04/27 12:0 a.m.35 views

Multiple Vulnerabilities In OpenBB

Vendor : OpenBB Group URL : http://www.openbb.com Version : Open Bulletin Board 1.0.6 && Earlier Risk : Multiple Vulnerabilities Description: OpenBB is a fast, lightweight, powerful bulletin board written in PHP/MySQL. Main features include: full customization via styles templates, instant...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2004/04/26 12:0 a.m.19 views

OpenBB 1.0.x - board.php?FID SQL Injection

OpenBB 1.0.x - board.php?FID SQL Injection source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2004/04/26 12:0 a.m.9 views

OpenBB 1.0.x - search.php?q SQL Injection

OpenBB 1.0.x - search.php?q SQL Injection source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.25 views

OpenBB 1.0.x - 'post.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.38 views

OpenBB 1.0.x - 'post.php?TID' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.21 views

OpenBB 1.0.x - 'myhome.php?to' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.45 views

OpenBB 1.0.x - 'board.php?FID' SQL Injection

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/26 12:0 a.m.17 views

OpenBB 1.0.x - 'member.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/10214/info It has been reported that OpenBB is affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied user input. The SQL issues may allow a remote attacker to...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2004/04/25 12:0 a.m.7 views

PT-2004-2864 · Openbb · Openbb

Name of the Vulnerable Software and Affected Versions: OpenBB versions 1.0.6 and earlier Description: The issue allows remote attackers to execute arbitrary code by including the code in an image tag or a link, due to cross-site request forgery CSRF vulnerabilities in several files, including cp...

8.8CVSS7.7AI score0.01635EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2004/04/24 12:0 a.m.44 views

OpenBB < 1.0.6 - Multiple Vulnerabilities

OpenBB Multiple Vulnerabilities Vendor: OpenBB Group Product: OpenBB Version: getrow; $ftype = $querytype-field'type'; As we can see from...

4.3CVSS6.7AI score0.08442EPSS
Exploits3
exploitpack
exploitpack
added 2004/04/24 12:0 a.m.39 views

OpenBB 1.0.6 - Multiple Vulnerabilities

OpenBB 1.0.6 - Multiple Vulnerabilities OpenBB Multiple Vulnerabilities Vendor: OpenBB Group Product: OpenBB Version: getrow; $ftype = $querytype-field'type'; As we can se...

4.3CVSS0.3AI score0.08442EPSS
Exploits3
Exploit DB
Exploit DB
added 2004/04/05 12:0 a.m.18 views

OpenBB 1.0.6 - 'myhome.php' SQL Injection

source: https://www.securityfocus.com/bid/10044/info It has been reported that OpenBB is prone to a vulnerability that may allow malicious users to influence SQL queries of the affected application. This issue is due to a failure of the application to properly sanitize user-supplied URI data. Thi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/04/05 12:0 a.m.12 views

OpenBB 1.0.6 - myhome.php SQL Injection

OpenBB 1.0.6 - myhome.php SQL Injection source: https://www.securityfocus.com/bid/10044/info It has been reported that OpenBB is prone to a vulnerability that may allow malicious users to influence SQL queries of the affected application. This issue is due to a failure of the application to...

8.6AI score
Exploits0
securityvulns
securityvulns
added 2003/12/27 12:0 a.m.32 views

OpenBB 1.06 SQL Injection

Hello bugtraq readers, A vulnerability exists in OpenBB 1.06 that could allow an attacker to manipulate SQL queries and obtain sensitive information from the database such as the administrator md5 password hash. This vulnerability exists because the index.php script of the application does not...

Exploits0
Rows per page
Query Builder