EUVD-2006-5793

Malware in sbrugna...

EUVD-2006-6875

Malware in sbrugna...

OvBB 0.x thread.php threadid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15566/info OvBB is prone to multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...

OvBB 0.x profile.php userid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15566/info OvBB is prone to multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...

OvBB 0.16a - Multiple Local File Inclusion Vulnerabilities

No description provided by source. OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by cOndemned Tested on Linux Debian apache + php5 + mysql download at http://sourceforge.net/projects/ovbb/ source of /skins/default/addevent.tpl.php 1. ?php 2. // Header. 3. $strPageTitle = ::...

OvBB V0.16a Forum Reinstall login Vulnerability

Exploit for php platform in category web applications =============================================== OvBB V0.16a Forum Reinstall login Vulnerability =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 ...

OvBB V0.16a Forum Remote SQL Injection Exploit

Exploit for perl platform in category web applications ============================================== OvBB V0.16a Forum Remote SQL Injection Exploit ============================================== !/usr/bin/perl -w OvBB V0.16a Forum Remote SQL Injection Exploit Found & Coded: indoushka Date:...

OvBB 0.16a Local File Inclusion

OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by cOndemned Tested on Linux Debian apache + php5 + mysql download at http://sourceforge.net/projects/ovbb/ source of /skins/default/addevent.tpl.php 1. ?php 2. // Header. 3. $strPageTitle = " :: Calendar :. New$strType Event"; 4...

OvBB v0.16a Multiple Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications ========================================================= OvBB v0.16a Multiple Local File Inclusion Vulnerabilities ========================================================= OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by...

OvBB 0.16a - Multiple Local File Inclusions

OvBB 0.16a - Multiple Local File Inclusions OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by cOndemned Tested on Linux Debian apache + php5 + mysql download at http://sourceforge.net/projects/ovbb/ source of /skins/default/addevent.tpl.php 1. ?php 2. // Header. 3. $strPageTitle ...

OvBB 0.16a - Multiple Local File Inclusions

OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by cOndemned Tested on Linux Debian apache + php5 + mysql download at http://sourceforge.net/projects/ovbb/ source of /skins/default/addevent.tpl.php 1. ?php 2. // Header. 3. $strPageTitle = " :: Calendar :. New$strType Event"; 4...

CVE-2006-6892

Cross-site scripting XSS vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable...

CVE-2006-6892

The CVE-2006-6892 entry concerns OvBB 0.13a (Jonathon J. Freeman) with an XSS flaw in GetLocation() in online.php. The issue allows remote attackers to inject arbitrary script/HTML via the aRequest parameter, enabling client-side impact on affected pages. The vulnerability is caused by improper h...

[SA23484] OvBB Script Insertion Vulnerability

TITLE: OvBB Script Insertion Vulnerability SECUNIA ADVISORY ID: SA23484 VERIFY ADVISORY: http://secunia.com/advisories/23484/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: OvBB 0.x http://secunia.com/product/13131/ DESCRIPTION: A vulnerability has been...

CVE-2006-6892

Cross-site scripting XSS vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable...

CVE-2006-5809

Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors...

CVE-2006-5809

Technical details are not publicly available in the provided documents. Current entries describe generic, unrevealed vulnerabilities in OvBB before 0.13a without specifics on impact, vectors, or remediation. Monitor for updates.

CVE-2006-5809

Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors...

CVE-2005-3918

Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the 1 threadid parameter to thread.php and 2 userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial...

CVE-2005-3918

CVE-2005-3918 affects OvBB 0.08a with SQL injection vulnerabilities exposed via the threadid parameter to thread.php and the userid parameter to profile.php. The connected PT-2005-4658 entry provides concrete details: attackers can remotely execute arbitrary SQL commands due to these input vector...