3 matches found
CVE-2009-3649
PBBoard (Power Bulletin Board) suffers a cross-site scripting (XSS) vulnerability in forums/index.php, affecting version 2.0.2 and earlier. The issue arises in the id parameter of the "new_topic" action, allowing remote attackers to inject arbitrary web script or HTML. Affected software is PBBoar...
PBBoard 2.0.2 Cross Site Scripting
Sec-Area Advisorypbboard Back to forums You will find the code works -------------------------------------------- World Defacers Team http://www.Sec-area.com --------------------------------------------...
PBBoard 2.0.2 - Full Path Disclosure
AdvisoryPBBoard GET as $sqlget if eregi"select", $sqlget or eregi"union", $sqlget or eregi"%", $sqlget $this-error'?? ¨¹??? ± ?´±?¹?!'; ================ ================ 2. Full Path Disclosure ----------------------------------- allow attackers to gather the real path of the server side script...