Lucene search

8 matches found

seebug.org
added 2007/07/12 12:0 a.m., 15 views

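FlashBB Sendmsg.PHP Remote File Inclusion Vulnerability

FlashBB is a PHP-based forum program. FlashBB does not properly filter user-submitted URI data, so a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'Sendmsg.PHP' script lacks filtering of the user-submitted 'phpbbrootpath' parameter; specifying a PHP file on a remote server as the include target can lead to execution of arbitrary commands with the privileges of the web process. TUFaT FlashBB 1.1.7. No solution is currently available. http://www.sebug.net/show-exp-2121.html...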

7.1 AI score
Exploits 0
Cvelist
added 2007/07/11 10:0 p.m., 15 views

CVE-2007-3697

PHP remote file inclusion vulnerability in phpbb/sendmsg.php in FlashBB 1.1.8 and earlier allows remote attackers to execute arbitrary code via a URL in the phpbbrootpath parameter...

7.7 AI score, 0.14936 EPSS
Exploits 0, References 8
seebug.org
added 2007/07/11 12:0 a.m., 10 views

FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion Vulnerability

No description provided by source. !/usr/bin/perl Flashbb = 1.1.7 - Remote File Inclusion Exploit Url: http://rapidshare.com/files/41426468/FlashBBAaeDueHFcu.zip Exploit: http://site.com/path/phpbb/sendmsg.php?phpbbrootpath=EvilScript: coded and f0und3d by kw3rln officeatrosecuritygroupdotnet...

7.1 AI score
Exploits 0
exploitpack
added 2007/07/10 12:0 a.m., 16 views

FlashBB 1.1.8 - sendmsg.php Remote File Inclusion

FlashBB 1.1.8 - sendmsg.php Remote File Inclusion !/usr/bin/perl Flashbb : coded and f0und3d by kw3rln Romanian Security Team .: hTTp://RSTZONE.NET :. greetz to all RST rstzone.net MEMBERZ use LWP::Simple; print "...........................RST...............................\n"; print ". .\n"; pri...

0.4 AI score
Exploits 0
Prion
added 2006/03/07 11:2 a.m., 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php...

4.3 CVSS, 6 AI score, 0.00949 EPSS
Exploits 1, References 8, Affected Software 1
NVD
added 2006/03/07 11:2 a.m., 13 views

CVE-2006-1040

Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php...

4.3 CVSS, 5.7 AI score, 0.00949 EPSS
Exploits 1, References 8
Cvelist
added 2006/03/07 11:0 a.m., 14 views

CVE-2006-1040

Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php...

5.7 AI score, 0.00949 EPSS
Exploits 1, References 8
CVE
added 2006/03/07 11:0 a.m., 544 views

CVE-2006-1040

CVE-2006-1040 affects vBulletin versions 3.0.12 and 3.5.3. The vulnerability is a cross-site scripting (XSS) flaw where user-supplied content placed in the email field is injected into profile.php but not sanitized in sendmsg.php, enabling remote attackers to inject arbitrary web script or HTML t...

4.3 CVSS, 5.7 AI score, 0.00949 EPSS
Exploits 1, References 8, Affected Software 1