20 matches found
EUVD-2006-0162
Malware in sbrugna...
EUVD-2005-4194
Malware in sbrugna...
MyBB 1.1.1 Showthread.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17904/info MyBB is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an...
CVE-2007-3589
Multiple SQL injection vulnerabilities in b1gbb 2.24.0 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 showthread.php or 2 showboard.php...
CVE-2007-3326
Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote attackers to redirect visitors to arbitrary local files via a .. dot dot in 1 the loc parameter to admincp/index.php and 2 the Hyperlink information URl field for post Topic in showthread.php, enabling cross-site scripti...
vbultop-xss.txt
+-------------------------------------------------------------------- + + New post Topic Hijacking XSS All vBulletin® v 3.x.x + +-------------------------------------------------------------------- + vendor site........: http://www.vbulletin.com/ + Affected Software .: vbulletin + Class...
New post Topic Hijacking XSS All vBulletin v 3.x.x (2)
+-------------------------------------------------------------------- + + New post Topic Hijacking XSS All vBulletin® v 3.x.x + +-------------------------------------------------------------------- + vendor site........: http://www.vbulletin.com/ + Affected Software .: vbulletin + Class...
Sql injection
SQL injection vulnerability in showthread.php in MyBB aka MyBulletinBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter...
CVE-2006-2336
SQL injection vulnerability in showthread.php in MyBB aka MyBulletinBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter...
CVE-2006-2336
SQL injection vulnerability in showthread.php in MyBB aka MyBulletinBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter...
MyBB <= 1.1.1 showthread.php comma Parameter SQL Injection
Binary data 3561.prm...
CVE-2006-0154
SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter...
Sql injection
SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter...
CVE-2006-0154
SQL injection vulnerability in showthread.php in 427BB 2.2 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the ForumID parameter...
CVE-2006-0154
The CVE-2006-0154 issue affects the 427BB software (versions 2.2 and 2.2.1) in the showthread.php component, where the ForumID parameter causes a SQL injection vulnerability. The root cause is an unvalidated input path in the showthread.php handler, allowing remote attackers to execute arbitrary ...
CVE-2005-4199
MyBB prior to 1.0 is affected by multiple SQL injection vulnerabilities. The public details identify concrete vectors, notably the month parameter in calendar.php (SQLi), and additional parameters in usercp.php, member.php, and showthread/ratethread.php. This is a documented remote, unauthenticat...
CVE-2005-1832
Multiple cross-site scripting XSS vulnerabilities in MyBulletinBoard MyBB 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the 1 forums, 2 version, or 3 limit parameter to misc.php, 4 page or 5 datecut parameter to forumdisplay.php, 6 username, 7 email, or 8...
CVE-2005-1833
Multiple SQL injection vulnerabilities in MyBulletinBoard MyBB 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the 1 eid parameter to calendar.php, 2 idsql parameter to online.php, 3 usersearch parameter to memberlist.php, 4 pid parameter to editpost.php, 5 fid parameter to...
CVE-2004-1823
Multiple cross-site scripting XSS vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4 allows remote attackers to inject arbitrary web script or HTML via the 1 page parameter to showthread.php or 2 order parameter to forumdisplay.php...
JelSoft vBulletin Multiple XSS Vulnerabilities
Vendor : Jelsoft Enterprises URL : http://www.vbulletin.com Version : vBulletin 3.0.0 RC4 && Others Risk : Cross Site Scripting Description: vBulletin is a powerful, scalable and fully customisable forums package for your web site. Based on the PHP language, backed with a blisteringly fast MySQL...