Lucene search
K

100 matches found

Exploit DB
Exploit DB
added 2003/12/27 12:0 a.m.37 views

OpenBB 1.0 - 'board.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This input will be included in...

7AI score
Exploits0
exploitpack
exploitpack
added 2003/12/27 12:0 a.m.14 views

OpenBB 1.0 - board.php Cross-Site Scripting

OpenBB 1.0 - board.php Cross-Site Scripting source: https://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/04/26 12:0 a.m.21 views

OpenBB index.php CID Parameter SQL Injection

The remote host seems to be running OpenBB, a forum management system. There is a bug which allows an attacker to inject SQL command when passing a single quote ' to the CID argument of the file index.php, as in : GET /index.php?CID=' An attacker may use this flaw to gain credentials or to modify...

5.8AI score
Exploits0
securityvulns
securityvulns
added 2003/04/25 12:0 a.m.43 views

Multiple SQL injection on OpenBB forums

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 008 |-----------------------------------------------------------------------------| | | SQL injection on OpenBB forums | ----------------------------------------------------------------------------...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/04/22 12:0 a.m.25 views

OpenBB 1.01.1 - board.php SQL Injection

OpenBB 1.01.1 - board.php SQL Injection source: https://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

Exploits0
exploitpack
exploitpack
added 2003/04/22 12:0 a.m.16 views

OpenBB 1.01.1 - index.php SQL Injection

OpenBB 1.01.1 - index.php SQL Injection source: https://www.securityfocus.com/bid/7401/info It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

Exploits0
exploitpack
exploitpack
added 2003/04/22 12:0 a.m.14 views

OpenBB 1.01.1 - member.php SQL Injection

OpenBB 1.01.1 - member.php SQL Injection source: https://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of t...

Exploits0
Exploit DB
Exploit DB
added 2003/04/22 12:0 a.m.26 views

OpenBB 1.0/1.1 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/7401/info It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequenc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/22 12:0 a.m.26 views

OpenBB 1.0/1.1 - 'board.php' SQL Injection

source: https://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequenc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/22 12:0 a.m.23 views

OpenBB 1.0/1.1 - 'member.php' SQL Injection

source: https://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The...

7AI score
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.48 views

CVE-2002-0330

OpenBB (Open Bulletin Board) 1.0.0 family is affected by a cross-site scripting vulnerability in codeparse.php that allows remote attackers to inject script and access cookies via an IMG tag. The issue stems from insufficient filtering of user input in image-related markup (including onerror in I...

7.5CVSS7AI score0.07854EPSS
Exploits2References5Affected Software1
securityvulns
securityvulns
added 2002/05/24 12:0 a.m.37 views

Security holes in OpenBB

Product : OpenBB http://www.prolixmedia.com Versions : 1.0.0 RC3 and less ? Problems : - XSS - Access to moderators' options Exploits : - /myhome.php?action=messages&box=form20name=ainput 20name=i20value=XSS/formscriptalert document.a.i.value/script - imghttp://" onerror="SCRIPT"/img - glow...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2002/05/24 12:0 a.m.10 views

OpenBB 1.0.0 RC3 - Cross-Site Scripting

OpenBB 1.0.0 RC3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/4824/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. It has been reported that OpenBB is vulnerable to a cross-site...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2002/05/24 12:0 a.m.14 views

OpenBB 1.0 - Unauthorized Moderator Access

OpenBB 1.0 - Unauthorized Moderator Access source: https://www.securityfocus.com/bid/4823/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reported to be vulnerable to a condition that will...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/24 12:0 a.m.19 views

OpenBB 1.0.0 RC3 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/4824/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. It has been reported that OpenBB is vulnerable to a cross-site scripting attack. Attackers may exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/24 12:0 a.m.28 views

OpenBB 1.0 - Unauthorized Moderator Access

source: https://www.securityfocus.com/bid/4823/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reported to be vulnerable to a condition that will allow an unauthorized user to gain moderat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/24 12:0 a.m.26 views

OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection

source: https://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection attacks. The vulnerability occurs when HTML code is...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/05/24 12:0 a.m.12 views

OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection

OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection source: https://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection...

Exploits0
exploitpack
exploitpack
added 2002/02/25 12:0 a.m.14 views

OpenBB 1.0.x - Image Tag Cross-Agent Scripting

OpenBB 1.0.x - Image Tag Cross-Agent Scripting source: https://www.securityfocus.com/bid/4171/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB allows users to include images in forum messages...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/02/25 12:0 a.m.21 views

OpenBB 1.0.x - Image Tag Cross-Agent Scripting

source: https://www.securityfocus.com/bid/4171/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB allows users to include images in forum messages using image tags, with the following syntax:...

7.4AI score
Exploits0
Rows per page
Query Builder