CVE-2006-0140

Cross-site scripting XSS vulnerability in post.php in NavBoard V16 Stable2.6.0 and V17beta2 allows remote attackers to inject arbitrary web script or HTML via the 1 b, 2 textlarge, and 3 url bbcode tags...

CVE-2005-4724

SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header...

CVE-2005-3689

post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action...

CVE-2005-3689

post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action...

Moodle post.php XSS

The version of Moodle on the remote host contains a flaw that allows a remote cross site scripting attack because the application does not validate the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Moodle post.php XSS

The version of Moodle on the remote host contains a flaw that allows a remote cross site scripting attack because the application does not validate the 'reply' variable upon submission to the 'post.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary...

bmforumXSS.txt

Multiple Cross site scripting in BMForum vendor url:http://www.bmforum.com/ Advisore:http://lostmon.blogspot.com/2005/07/ multiple-cross-site-scripting-in.html Vendor notify:yes Exploit available:yes BMForum contains a flaw that allows a remote cross site scripting attack.This flaw exists because...

CVE-2005-2107

Multiple cross-site scripting XSS vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 p or 2 comment parameter...

CVE-2005-2107

Multiple cross-site scripting XSS vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 p or 2 comment parameter...

WordPress <= 1.5.1.2 - Multiple XSS vulnerabilities

Because of these vulnerabilities in post.php, attackers can inject arbitrary web script or HTML via the "p" or "comment" parameter. Solution Update the WordPress to the latest available version at least 1.5.1.3...

CVE-2005-1404

MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the 1 nbuser parameter to post.php or 2 sender parameter to privmsg.php...

CVE-2005-1404

MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the 1 nbuser parameter to post.php or 2 sender parameter to privmsg.php...

WordPress <=1.5 - Multiple Cross-Site Scripting (XSS) vulnerabilities

Because of these vulnerabilities in template-functions-post.php, attackers can execute arbitrary commands via the title of the post or content. Solution Update WordPress to the latest possible version...

CVE-2004-1711

Moodle post.php XSS (CVE-2004-1711) affects Moodle prior to 1.3. The vulnerability arises from not validating the reply parameter in post.php, enabling remote XSS via crafted URLs. OpenVAS entries confirm a remote XSS in Moodle post.php by tampering with the reply variable; no explicit exploit de...

CVE-2005-0414

MercuryBoard 1.1.1 is affected by a SQL injection in post.php via the reply post action (index.php) using the t or qu parameters, allowing remote SQL commands (CVE-2005-0414). NVD lists base 7.5/ HIGH with network attack vector and no authentication. OpenVAS corroborates MercuryBoard vulnerabilit...

CVE-2004-0291

SQL injection vulnerability in post.php for YaBB SE 1.5.4 and 1.5.5 allows remote attackers to obtain hashed passwords via the quote parameter...

Moodle 'post.php' 'reply' Parameter XSS

The version of Moodle on the remote host contains a flaw that allows a remote cross-site scripting attack due to the application not properly validating the 'reply' variable on submission to the 'post.php' script. This allows a user to create a specially crafted URL that would execute arbitrary...

xss in moodle &#40;post.php&#41;

+--------------------------------+ | | | XSS in Moodle 1.3 post.php | | | +--------------------------------+ Autor: Javier Ubilla Brenni javierubillaatspymac.com Date: 02/08/04 Software Description: "Moodle is a course management system CMS - a software package designed to help educators create...