12 matches found
EUVD-2005-1330
Malware in sbrugna...
Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit
No description provided by source. ?php printr' ------------------------------------------------------------------------------- Woltlab Burning Board Lite = 1.0.2pl3e pms.php / sql injection exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org dork: Powered by Burning...
Hdwiki Sql Injection#2
Brief description: I've noticed that for the recent Hdwiki vulnerabilities the vendor only awards 2 Rank? Couldn't the score be a little higher? Awesome. Even so, I'll keep submitting. Details: In control/pms.php: function docheckrecipient $sendto = $this-post'sendto'; if WIKICHARSET == 'GBK' $sendto = string::hiconv$sendto,'GBK','UTF-8',1; $send = explode',',$sendto; ifcount$send10 $this-message$this-view-lang'fullsend','',2;...
CVE-2007-0812
SQL injection in pms.php of Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier; remote authenticated users can execute arbitrary SQL via pmid[0]. Affected: wBB Lite
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL Injection
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL Injection = 4.1 / if $argc6 printr' ------------------------------------------------------------------------------- Usage: php '.$argv0.' host path user pass action OPTIONS host: target server ip/hostname path: path to wbblite user/pass: valid us...
Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================================= Woltlab Burning Board Lite = 4.1 / if $argc6 printr' ------------------------------------------------------------------------------- Usage: php '.$argv0.' host path us...
Woltlab Burning Board Lite 1.0.2pl3e - 'pms.php' SQL Injection
= 4.1 / if $argc6 printr' ------------------------------------------------------------------------------- Usage: php '.$argv0.' host path user pass action OPTIONS host: target server ip/hostname path: path to wbblite user/pass: valid user credentials action: 1 vulnerability check 2 disclose admin...
CVE-2005-4642
Multiple cross-site scripting (XSS) vulnerabilities in HydroBB 1.0.0 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) search.php, (2) members.php, (3) stats.php, (4) viewforum.php, (5) register.php, (6) usercp.php, (7) groups.php, (8) pms.php, and (9) calendar.php...
Woltlab Burning Board pms.php folderid Parameter XSS
The version of Burning Board or Burning Board Lite installed on the remote host may be prone to cross-site scripting attacks due to its failure to properly sanitize input passed to the 'folderid' parameter of the 'pms.php' script. An attacker may be able to exploit this flaw to cause arbitrary HT...
CVE-2005-1327
Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter...
CVE-2005-1327
CVE-2005-1327 is a cross-site scripting vulnerability in Woltlab Burning Board 2.3.1 PL2 and earlier, affecting the pms.php script where the folderid parameter is not sanitized. The issue allows remote attackers to inject arbitrary HTML/script that is executed in a user’s browser within the conte...
WoltLab Burning Board 2.3.1 - 'PMS.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13353/info WoltLab Burning Board is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in th...