49 matches found
CVE-2006-4633
index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page parameter...
CVE-2006-4632
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 groupe parameter in addmembre.php and the 2 select parameter in moveto.php...
CVE-2006-4632
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the 1 groupe parameter in addmembre.php and the 2 select parameter in moveto.php...
CVE-2006-4631
The CVE refers to SoftBB 0.1 (and possibly earlier) with a vulnerability in admin/save_opt.php: Direct static code injection allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php and makes it accessible v...
CVE-2006-4633
index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page parameter...
EUVD-2006-4621
index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page parameter...
CVE-2006-4632
CVE-2006-4632 covers multiple SQL injection vulnerabilities in SoftBB 0.1 (and possibly earlier). Affected components/functions include addmembre.php (parameter: groupe) and moveto.php (parameter: select). The underlying issue is improper handling of untrusted input, enabling remote attackers to ...
CVE-2006-4631
Direct static code injection vulnerability in admin/saveopt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cacheforum parameter, which saves the code to infooptions.php, which is accessible via a direct request...
CVE-2006-4633
SoftBB 0.1 is affected; index.php can disclose installation path via a null/invalid page[] parameter. The root cause is improper handling of the page[] input leading to information disclosure. Impact is partial confidentiality leakage (installation path). No remediation details are provided in th...
softbbxss.txt
SoftBB v0.1 alert'hacking%20xss' ; Greetz : M.I.D.TDrackanZ, Mr.IlysS & All Moroccan & Arab Hackers ;...
CVE-2006-4593
Cross-site scripting XSS vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2006-4593
Cross-site scripting XSS vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2006-4593
CVE-2006-4593 describes a Cross-site scripting vulnerability in SoftBB 0.1 and earlier. The vulnerability occurs in index.php and is exploitable via the page parameter, allowing injection of arbitrary script/HTML. Connected sources corroborate SoftBB XSS details (versions
SoftBB 0.1 - Page Cross-Site Scripting
SoftBB 0.1 - Page Cross-Site Scripting source: https://www.securityfocus.com/bid/19847/info SoftBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in...
SoftBB v0.1 < = Cross-Site Scripting
SoftBB v0.1 = Cross-Site Scripting - XSS Exploit ; Discovred By : ThELeOMor0Ccan Islam DefenDers Team ; Software : SoftBB ; Version : 0.1 ; Site Of Software : Www.Softbb.Be ; Exploit : http://Www.Site.Com/Script/index.php?page=scriptalert'hacking20xss'/script ; Greetz : M.I.D.TDrackanZ, Mr.IlysS ...
SoftBB 0.1 - 'Page' Cross-Site Scripting
source: https://www.securityfocus.com/bid/19847/info SoftBB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in...
SoftBB 0.1 (cmd) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ================================================= SoftBB 0.1 cmd Remote Command Execution Exploit ================================================= !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code...
SoftBB 0.1 - cmd Remote Command Execution
SoftBB 0.1 - cmd Remote Command Execution !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......:...
SoftBB 0.1 (cmd) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......: acid-root.new.fr/poc/11060904.txt...
SoftBB 0.1 - 'cmd' Remote Command Execution
!/usr/bin/perl Affected.scr..: SoftBB 0.1 Poc.ID........: 11060904 Type..........: PHP code execution, SQL Injection, Full Path Disclosure Risk.level....: High Vendor.Status.: Unpatched Src.download..: softbb.be Poc.link......: acid-root.new.fr/poc/11060904.txt Advisory.link.:...