24 matches found
ShockBoard 3.04.0 - Offset SQL Injection
ShockBoard 3.04.0 - Offset SQL Injection source: https://www.securityfocus.com/bid/15592/info ShockBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
bmforumXSS.txt
Multiple Cross site scripting in BMForum vendor url:http://www.bmforum.com/ Advisore:http://lostmon.blogspot.com/2005/07/ multiple-cross-site-scripting-in.html Vendor notify:yes Exploit available:yes BMForum contains a flaw that allows a remote cross site scripting attack.This flaw exists because...
CVE-2005-1568
CVE-2005-1568 affects DirectTopics 2.1 and 2.2. The flaw arises in topic.php where an invalid topic parameter can cause the server to disclose the path in an error message, leaking sensitive information. The NVD metrics indicate a base score of 5.0 (Medium) with network access required and no aut...
CVE-2005-1567
SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to execute arbitrary SQL commands via the topic parameter...