29 matches found
EUVD-2005-3832
Malware in sbrugna...
EUVD-2008-5551
Malware in sbrugna...
EUVD-2005-1071
Malware in sbrugna...
EUVD-2008-5553
Malware in sbrugna...
EUVD-2005-1072
Malware in sbrugna...
EUVD-2008-5552
Malware in sbrugna...
CVE-2008-5577
PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the incfunction parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the incfunction parameter...
Authentication flaw
admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the currentuseruserslevel parameter...
CVE-2008-5578
Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via 1 the f parameter in a showforum action, 2 the u parameter in a profile action, 3 the viewcat parameter, or 4 a combination of scbuid and scbident...
CVE-2008-5578
Multiple SQL injection vulnerabilities in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allow remote attackers to execute arbitrary SQL commands via 1 the f parameter in a showforum action, 2 the u parameter in a profile action, 3 the viewcat parameter, or 4 a combination of scbuid and scbident...
CVE-2008-5576
CVE-2008-5576 affects sCssBoard versions 1.0, 1.1, 1.11, and 1.12 (admin/forums.php). A remote attacker can bypass authentication and gain administrative access by sending a large value for the current_user[users_level] parameter. This constitutes a parameter manipulation/authentication bypass vu...
CVE-2008-5577
The CVE-2008-5577 entry describes a PHP remote file inclusion in sCssBoard (versions 1.0, 1.1, 1.11, 1.12) that allows an attacker to execute arbitrary PHP code via a URL parameter inc_function. Connected documents corroborate the vulnerability description across NVD/CVE records. No additional ex...
CVE-2008-5578
CVE-2008-5578 describes multiple SQL injection vulnerabilities in the sCssBoard product (versions 1.0, 1.1, 1.11, 1.12) affecting index.php. Attack vectors include (1) f parameter in showforum, (2) u parameter in profile, (3) viewcat parameter, and (4) combinations of scb_uid/scb_ident cookie val...
CVE-2008-5576
admin/forums.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to bypass authentication and gain administrative access via a large value of the currentuseruserslevel parameter...
CVE-2008-5577
PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the incfunction parameter...
scssboard-multi.txt
!/usr/bin/ruby inphex - i didnt include all of those bugs into the code,this code basicly checks if the forum is vulnerable and also exploits SQL Injection bug! all versions on sourceforge seem to be the same ;\ so check is beeing done on each version. - scb is set as default table prefix this...
sCssBoard (Multiple Versions) - pwnpack Remote s
sCssBoard Multiple Versions - pwnpack Remote s !/usr/bin/ruby inphex - i didnt include all of those bugs into the code,this code basicly checks if the forum is vulnerable and also exploits SQL Injection bug! all versions on sourceforge seem to be the same ;\ so check is beeing done on each versio...
sCssBoard (Multiple Versions) - 'pwnpack' Remote s
!/usr/bin/ruby inphex - i didnt include all of those bugs into the code,this code basicly checks if the forum is vulnerable and also exploits SQL Injection bug! all versions on sourceforge seem to be the same ;\ so check is beeing done on each version. - scb is set as default table prefix this...
sCssBoard (pwnpack) Multiple Versions Remote Exploit
Exploit for unknown platform in category web applications ==================================================== sCssBoard pwnpack Multiple Versions Remote Exploit ==================================================== !/usr/bin/ruby inphex - i didnt include all of those bugs into the code,this code...