40 matches found
EUVD-2007-1627
Malware in sbrugna...
EUVD-2002-0948
Malware in sbrugna...
EUVD-2003-1537
Malware in sbrugna...
EUVD-2005-3281
Malware in sbrugna...
EUVD-2003-0584
Malware in sbrugna...
CVE-2005-3282
Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authentication via unknown vectors...
CVE-2003-0590
Cross-site scripting XSS vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon imagesubject field...
CVE-2003-0590
The CVE-2003-0590 entry describes a Cross-site scripting (XSS) vulnerability in Splatt Forum, where remote attackers can inject arbitrary HTML/JavaScript via the post icon (image_subject) field. Affected software is Splatt Forum; the vulnerability is triggered by user-supplied input in the image_...
PHPNuke Splatt Forum 4.0 Module Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7483/info Splatt Forum is a public message board plugin designed to be used with PHPNuke. It has been reported that Splatt Forum does not sufficiently filter user supplied URI parameters for the Splatt Forum 'Search'...
PHPNuke Splatt Forum 4.0 Module HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7484/info A problem with Splatt Forum could allow remote users to execute arbitrary code in the context of the web site running the Splatt Forum module. The problem occurs due to the lack of sanitization performed on...
PHPNuke Splatt Forum 3.2 Module Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7080/info The Splatt Forum module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker could use the information gathered ...
Splatt Forum 3.0 Image Tag HTML Injection Vulneraility
No description provided by source. source: http://www.securityfocus.com/bid/4953/info Splatt Forum does not filter HTML from image tags. This may allow an attacker to inject arbitrary script code in forum messages. Injected script code will be executed in the browser of an arbitrary web user who...
Splatt Forum 3/4 Post Icon HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8198/info Splatt Forum has been reported prone to a HTML injection vulnerability. An attacker may save a Splatt Forum post form, and modify it so that the post icon value contains arbitrary attacker supplied HTML code. As...
CVE-2003-1547
Cross-site scripting XSS vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter...
CVE-2003-1547
CVE-2003-1547 describes a cross-site scripting (XSS) vulnerability in the Splatt Forum module’s block-Forums.php for PHP-Nuke 6.x. It permits remote attackers to inject arbitrary web script or HTML via the subject parameter, with the impact being script execution in the victim’s browser as typica...
CVE-2007-1633
Directory traversal vulnerability in bbcoderef.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log...
Directory traversal
Directory traversal vulnerability in bbcoderef.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log...
CVE-2007-1633
The vulnerability CVE-2007-1633 affects the bbcode_ref.php component of Giorgio Ciranni’s Splatt Forum 4.0 RC1 module for PHP-Nuke. The issue is a directory traversal flaw that allows remote attackers to include and execute arbitrary local files by supplying a .. in the name parameter, demonstrat...
CVE-2007-1633
Directory traversal vulnerability in bbcoderef.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. dot dot in the name parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log...
PHP-Nuke Module splattforum 4.0 RC1 Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl Modulo Splatt Forum v4.0 RC1bbcoderef.php nameLocal File Include Exploit D.Script: http://sourceforge.net/projects/splattforum/ V.Code $modulename = $name; -------- Line : 17 include"modules/".$modulename."/functions.php"; -------- Line : 19 Dork:...