Lucene search
K

949 matches found

Packet Storm
Packet Storm
added 2006/04/29 12:0 a.m.23 views

ibp-2.1.4-xpl.txt

This exploit has only been tested on 2.1.4. Others are most likely vulnerable but have not yet been tested. Simple SQL injection in funcmsg.php on line 448. tobyid is not properly sanitized. It's passed to the class via an instance of the messenger class, which takes it from the ipb sanitized inp...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/04/28 12:0 a.m.41 views

SQL injection exploit IPB <= 2.1.4

This exploit has only been tested on 2.1.4. Others are most likely vulnerable but have not yet been tested. Simple SQL injection in funcmsg.php on line 448. tobyid is not properly sanitized. It's passed to the class via an instance of the messenger class, which takes it from the ipb sanitized inp...

0.2AI score
Exploits0
CVE
CVE
added 2005/11/23 1:0 a.m.46 views

CVE-2005-3777

MyBB 1.0 PR2 Rev 686 is affected by a vulnerability that allows remote attackers to delete or move private messages (PM) by submitting modified fields in the inbox form. The provided documents confirm the affected software and the manipulation vector, but do not specify root cause details beyond ...

5CVSS7.1AI score0.01336EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/03/26 5:0 a.m.17 views

CVE-2005-0878

Cross-site scripting XSS vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM private message...

5.7AI score0.01164EPSS
Exploits0References3
CVE
CVE
added 2005/03/26 5:0 a.m.45 views

CVE-2005-0878

MercuryBoard before 1.1.3 is affected by CVE-2005-0878: an XSS flaw in the title field of private messages that lets remote attackers inject arbitrary script/HTML. Root cause: insufficient input sanitization in the PM title. Impact: could compromise user sessions or integrity of rendered pages as...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2005/03/23 5:0 a.m.16 views

CVE-2005-0878

Cross-site scripting XSS vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM private message...

4.3CVSS5.7AI score0.01164EPSS
Exploits0References3
CVE
CVE
added 2005/03/04 5:0 a.m.51 views

CVE-2005-0631

CVE-2005-0631 affects PBLang BBS (version around 4.63) with a vulnerability in delpm.php where a logged-in, remote user can delete arbitrary personal messages by altering the id and a parameters. The issue stems from improper handling of these parameters, enabling unauthorized PM deletion within ...

2.1CVSS6.4AI score0.01416EPSS
Exploits1References4Affected Software1
Packet Storm
Packet Storm
added 2005/03/03 12:0 a.m.46 views

HRG009.txt

HRG - Hackerlounge Research Group Release: HRG009 Monday 03/01/05 Software PBLang 4.63 delpm.php authentication problem The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: PBLang 4.63 and...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/02/24 12:0 a.m.25 views

Software PBLang 4.65 pm.php XSS vulnerability

HRG - Hackerlounge Research Group Release: HRG003 Friday 11-02-05 Software PBLang 4.65 pm.php XSS vulnerability The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: PBLang 4.65 current and...

6AI score
Exploits0
Rows per page
Query Builder