24 matches found
EUVD-2004-2643
Malware in sbrugna...
EUVD-2008-2020
Malware in sbrugna...
EUVD-2008-2021
Malware in sbrugna...
EUVD-2008-0446
Malware in sbrugna...
EUVD-2004-2137
Malware in sbrugna...
EUVD-2004-2138
Malware in sbrugna...
CVE-2004-2653
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving 1 admin/userlevelmembers-edit.asp and 2 admin/edit-groups.asp...
Cross site scripting
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...
Sql injection
Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the 1 invisible and 2 timeoffset parameters to profile/controlpanel.asp and the 3 attachmentid parameter to forums/attach-file.asp...
CVE-2008-2022
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...
CVE-2008-2023
CVE-2008-2023 affects PD9 Software MegaBBS 2.2. The vulnerability is a set of SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the following parameters: (1) invisible and (2) timeoffset in profile/controlpanel.asp, and (3) attachmentid in forums/attach-file.as...
CVE-2008-2022
The CVE-2008-2022 entry describes multiple XSS vulnerabilities in PD9 Software MegaBBS 2.2. Affected component paths include send-private-message.asp (via the toid parameter) and admin/impersonate.asp (via the redirect parameter); the second vector requires authentication. The vulnerabilities all...
CVE-2008-2023
Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the 1 invisible and 2 timeoffset parameters to profile/controlpanel.asp and the 3 attachmentid parameter to forums/attach-file.asp...
CVE-2008-2022
Mulatiple cross-site scripting XSS vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the 1 toid parameter to send-private-message.asp and the 2 redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication...
Cross site scripting
Cross-site scripting XSS vulnerability in profile-upload/upload.asp in PD9 Software MegaBBS 1.5.14b allows remote attackers to inject arbitrary web script or HTML via the target parameter...
CVE-2008-0436
CVE-2008-0436 refers to a cross-site scripting (XSS) vulnerability in PD9 Software MegaBBS 1.5.14b. The flaw resides in the profile-upload/upload.asp endpoint, exploitable via the target parameter to inject arbitrary web script or HTML. NVD indicates the attack could be remote and non-authenticat...
Code injection
The send-private-message functionality send-private-message.asp in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter...
CVE-2004-2653
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving 1 admin/userlevelmembers-edit.asp and 2 admin/edit-groups.asp...
CVE-2004-2653
The CVE describes an unspecified privilege-escalation vulnerability in PD9 Software MegaBBS 2.0 and 2.1. Affected component: MegaBBS web admin interfaces under admin/userlevelmembers-edit.asp and admin/edit-groups.asp. Root cause and exact exploit details are not provided in the documents, only t...
CVE-2004-2146
CVE-2004-2146 describes a CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1. The issue allows HTTP response splitting through the fid parameter in the writenew action to thread-post.asp, indicating that unsanitized input leads to header manipulation. Affected software: MegaBBS 2 and ...