20 matches found
EUVD-2012-3978
Malware in sbrugna...
EUVD-2012-3979
Malware in sbrugna...
PBBoard 2.1.4 username SQL Injection
SQL Injection vulnerabilty in PBBoard index.php username parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
PBBoard 2.1.4 email SQL Injection
SQL Injection vulnerabilty in PBBoard index.php email parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
PBBoard 2.1.4 - Local File Inclusion
No description provided by source. Exploit Title: PBBoard 2.1.4 Local File Inclusion Software Link: http://www.pbboard.com/PBBoardv2.1.4.zip Author: n4ss1m Date: 25-05-2012 Tested on: win/linux Home : www.Sec4ever.com Exploit-DB note: Need to be logged in, at the very least, as a standard user to...
CVE-2012-4036
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability can be leveraged b...
Unrestricted file upload
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability can be leveraged b...
CVE-2012-4036
PBBoard 2.1.4 is affected by an unrestricted file upload in admin.php that lets remote admins upload a file with an executable extension to the addons directory and access it directly, potentially executing arbitrary PHP code. This vulnerability is tied to CVE-2012-4036 and can be leveraged via C...
CVE-2012-4034
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the 1 username parameter to the send page, 2 email parameter to the forget page, 3 password parameter to the forumarchive page, 4 section parameter to the management page, 5...
Sql injection
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the 1 username parameter to the send page, 2 email parameter to the forget page, 3 password parameter to the forumarchive page, 4 section parameter to the management page, 5...
CVE-2012-4034
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the 1 username parameter to the send page, 2 email parameter to the forget page, 3 password parameter to the forumarchive page, 4 section parameter to the management page, 5...
PBBoard - 'admin.php?xml_name' Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/54916/info PBBoard is prone to multiple security vulnerabilities including: 1. Multiple SQL-injection vulnerabilities 2. A security-bypass vulnerability 3. An arbitrary file upload vulnerability Exploiting these issues could allow an attacker to carry out...
PBBoard 2.1.4 LFI
Local file include vulnerability in PBBoard page parameter Vulnerability Type: Local File Include For the exploit source code contact DSquare Security sales team...
PBBoard 2.1.4 Local File Inclusion
Exploit Title: PBBoard 2.1.4 Local File Inclusion Software Link: http://www.pbboard.com/PBBoardv2.1.4.zip Author: n4ss1m Date: 25-05-2012 Tested on: win/linux Home : www.Sec4ever.com Local File Inclusion admin.php $GET'page' $page = strreplace 'note', 'notes', $page ; $page = strreplace 'index',...
PBBoard 2.1.4 - Local File Inclusion
PBBoard 2.1.4 - Local File Inclusion Exploit Title: PBBoard 2.1.4 Local File Inclusion Software Link: http://www.pbboard.com/PBBoardv2.1.4.zip Author: n4ss1m Date: 25-05-2012 Tested on: win/linux Home : www.Sec4ever.com Exploit-DB note: Need to be logged in, at the very least, as a standard user ...
CVE-2012-1216
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that 1 upload a file via an add action or 2 change the contents of a file via a dit action...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that 1 upload a file via an add action or 2 change the contents of a file via a dit action...
CVE-2012-1216
Multiple cross-site request forgery CSRF vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that 1 upload a file via an add action or 2 change the contents of a file via a dit action...
CVE-2012-1216
PBBoard 2.1.4 and likely earlier versions have multiple vulnerabilities tied to CVE-2012-1216: a CSRF flaw in admin.php that can hijack administrator sessions to perform actions (e.g., file upload via add action or file content modification via edit action), and it is linked to other issues (CVE-...
PBBoard 2.1.4 Cross Site Request Forgery / Shell Upload
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...