CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/10774/info It has been reported that Mensajeitor Tag Board is affected by an authentication bypass vulnerability. This issue is due to a failure of the application to properly handle authentication controls. Successful...

7.1AI score

Exploits0

0day.today•added 2012/04/12 12:0 a.m.•29 views

CJ Tag Board V3.0 <= Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: CJ Tag Board V3.0 http://localhost/PaTh/details.php?name=Dr.NaNo |2|- Cross Site Request Forgery : ThankS !Dr.NaNo - Exploit-db Go To = http://localhost/PaTh/ipban.php xD: |3|- Information Disclosure : == This Information All...

7.1AI score

Exploits0

Prion•added 2009/02/27 11:30 a.m.•10 views

Sql injection

SQL injection vulnerability in tagboard.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...

7.5CVSS9.1AI score0.01003EPSS

Exploits1References5Affected Software1

NVD•added 2009/02/27 11:30 a.m.•14 views

CVE-2008-6314

SQL injection vulnerability in tagboard.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...

7.5CVSS8.4AI score0.01003EPSS

Exploits1References5

Cvelist•added 2009/02/27 11:0 a.m.•15 views

CVE-2008-6314

SQL injection vulnerability in tagboard.php in the Tag Board module 4.0 and earlier for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter in a delete action...

8.4AI score0.01003EPSS

Exploits1References5

Packet Storm•added 2008/12/09 12:0 a.m.•21 views

phpBB 3 / Mod Tag Board 4 Blind SQL Injection

!/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board get$host.injection$i,$chars$j; $time2 = time; if$time2 - $time1 6 syswriteSTDOUT,chr$chars$j; $hash .= chr$chars$j; last; if$i == 1 && length $...

Exploits0

seebug.org•added 2008/12/09 12:0 a.m.•20 views

phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit by athos - stakerathotmaildotit http://bx67212.netsons.org/forum/viewforum.php?f=3...

7.1AI score

Exploits0

0day.today•added 2008/12/08 12:0 a.m.•15 views

phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit =============================================================== !/usr/bin/perl...

7.1AI score

Exploits0

exploitpack•added 2008/12/08 12:0 a.m.•13 views

phpBB 3 - Mod Tag Board 4 Blind SQL Injection

phpBB 3 - Mod Tag Board 4 Blind SQL Injection !/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board get$host.injection$i,$chars$j; $time2 = time; if$time2 - $time1 6 syswriteSTDOUT,chr$chars$j;...

Exploits0

Exploit DB•added 2008/12/08 12:0 a.m.•37 views

phpBB 3 - Mod Tag Board 4 Blind SQL Injection

!/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board get$host.injection$i,$chars$j; $time2 = time; if$time2 - $time1 6 syswriteSTDOUT,chr$chars...

7.4AI score

Exploits0

seebug.org•added 2006/12/12 12:0 a.m.•46 views

CJ Tag Board User-Agent PHP注入漏洞

CJ Tag Board是一款基于PHP的论坛程序。 CJ Tag Board不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。问题一是tag.php脚本对"User-Agent" HTTP头数据缺少过滤，可导致任意PHP代码注入，并通过请求all.php脚本执行。问题二是adminindex.php脚本对用户提交的"banned"参数缺少过滤，可导致任意PHP代码注入。 CJ Tag Board 3.0 http://www.scriptsearch.com/cgi-bin/jump.cgi?ID=10068...

7AI score

Exploits0

seebug.org•added 2006/12/10 12:0 a.m.•31 views

MensajeitorTagBoard验证绕过漏洞

Mensajeitor Tag Board是一款基于WEB的论坛程序。Mensajeitor Tag Board的验证机制存在问题，远程攻击者可以利用这个漏洞绕过COOKIE验证，未授权进行访问。其使用的验证代码如下： for$i=0;$icount$NicksRegs;$i++ list$adminnick,$adminpass = explode":",$NicksRegs$i; if $nick == $adminnick $cadenafinal .= "span class="admin"".$nick."/span"; $AdminNick = "si"; if...

7.1AI score

Exploits0

seebug.org•added 2006/10/25 12:0 a.m.•18 views

CJ Tag Board PHP远程代码注入漏洞

CJ Tag Board是一款简单易用的网站管理脚本。 CJ Tag Board中存在两个输入验证错误，可能允许恶意攻击者完全入侵有漏洞的系统： 1 在存储前没有正确过滤对tag.php中User-Agent HTTP头的输入，允许注入任意PHP代码。当用户请求all.php脚本时就会执行这些代码。 2 在存储前没有正确过滤对adminindex.php中banned参数的输入，允许注入任意PHP代码。但利用这个漏洞需要管理用户权限。 CJ Website Design CJ Tag Board 3.0...

7.1AI score

Exploits0

NVD•added 2006/09/14 9:7 p.m.•8 views

CVE-2006-4797

Cross-site scripting XSS vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter...

4.3CVSS5.6AI score0.01128EPSS

Exploits0References5

CVE•added 2006/09/14 9:0 p.m.•32 views

CVE-2006-4797

CVE-2006-4797 describes a cross-site scripting (XSS) vulnerability in CloudNine Interactive CJ Tag Board 3.0 . The flaw occurs in the tag.php handler, where an attacker can inject arbitrary web script or HTML by abusing a JavaScript event in a url BBcode tag within the cjmsg parameter. This is a ...

4.3CVSS5.8AI score0.01128EPSS

Exploits0References5Affected Software1

securityvulns•added 2006/09/14 12:0 a.m.•39 views

[eVuln] CJ Tag Board XSS Vulnerability

New eVuln Advisory: CJ Tag Board XSS Vulnerability http://evuln.com/vulns/137/summary.html --------------------Summary---------------- eVuln ID: EV0137 Vendor: CloudNine Interactive Vendor's Web Site: http://www.cloudnineinteractive.co.uk/ Software: Tag Board Sowtware's Web Site:...

0.3AI score

Exploits0

NVD•added 2006/08/30 1:4 a.m.•21 views

CVE-2006-4451

Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the 1 User-Agent HTTP header in tag.php, which is executed by all.php, and 2 the banned parameter in adminindex.php...

7.5CVSS7.8AI score0.01484EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by