100 matches found
OpenBB 1.0 - 'board.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This input will be included in...
OpenBB 1.0 - board.php Cross-Site Scripting
OpenBB 1.0 - board.php Cross-Site Scripting source: https://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI...
OpenBB index.php CID Parameter SQL Injection
The remote host seems to be running OpenBB, a forum management system. There is a bug which allows an attacker to inject SQL command when passing a single quote ' to the CID argument of the file index.php, as in : GET /index.php?CID=' An attacker may use this flaw to gain credentials or to modify...
Multiple SQL injection on OpenBB forums
/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 008 |-----------------------------------------------------------------------------| | | SQL injection on OpenBB forums | ----------------------------------------------------------------------------...
OpenBB 1.01.1 - board.php SQL Injection
OpenBB 1.01.1 - board.php SQL Injection source: https://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...
OpenBB 1.01.1 - index.php SQL Injection
OpenBB 1.01.1 - index.php SQL Injection source: https://www.securityfocus.com/bid/7401/info It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...
OpenBB 1.01.1 - member.php SQL Injection
OpenBB 1.01.1 - member.php SQL Injection source: https://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of t...
OpenBB 1.0/1.1 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/7401/info It has been reported that OpenBB does not properly check input passed via the 'index.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequenc...
OpenBB 1.0/1.1 - 'board.php' SQL Injection
source: https://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The consequenc...
OpenBB 1.0/1.1 - 'member.php' SQL Injection
source: https://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the bulletin board software. The...
CVE-2002-0330
OpenBB (Open Bulletin Board) 1.0.0 family is affected by a cross-site scripting vulnerability in codeparse.php that allows remote attackers to inject script and access cookies via an IMG tag. The issue stems from insufficient filtering of user input in image-related markup (including onerror in I...
Security holes in OpenBB
Product : OpenBB http://www.prolixmedia.com Versions : 1.0.0 RC3 and less ? Problems : - XSS - Access to moderators' options Exploits : - /myhome.php?action=messages&box=form20name=ainput 20name=i20value=XSS/formscriptalert document.a.i.value/script - imghttp://" onerror="SCRIPT"/img - glow...
OpenBB 1.0.0 RC3 - Cross-Site Scripting
OpenBB 1.0.0 RC3 - Cross-Site Scripting source: https://www.securityfocus.com/bid/4824/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. It has been reported that OpenBB is vulnerable to a cross-site...
OpenBB 1.0 - Unauthorized Moderator Access
OpenBB 1.0 - Unauthorized Moderator Access source: https://www.securityfocus.com/bid/4823/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reported to be vulnerable to a condition that will...
OpenBB 1.0.0 RC3 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/4824/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. It has been reported that OpenBB is vulnerable to a cross-site scripting attack. Attackers may exploit...
OpenBB 1.0 - Unauthorized Moderator Access
source: https://www.securityfocus.com/bid/4823/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reported to be vulnerable to a condition that will allow an unauthorized user to gain moderat...
OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection
source: https://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection attacks. The vulnerability occurs when HTML code is...
OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection
OpenBB 1.0.0 RC3 - BBCode Cross Agent HTML Injection source: https://www.securityfocus.com/bid/4819/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB is reportedly vulnerable to HTML injection...
OpenBB 1.0.x - Image Tag Cross-Agent Scripting
OpenBB 1.0.x - Image Tag Cross-Agent Scripting source: https://www.securityfocus.com/bid/4171/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB allows users to include images in forum messages...
OpenBB 1.0.x - Image Tag Cross-Agent Scripting
source: https://www.securityfocus.com/bid/4171/info OpenBB is web forum software written in PHP. It will run on most Linux and Unix variants, in addition to Microsoft Windows operating systems. OpenBB allows users to include images in forum messages using image tags, with the following syntax:...