132 matches found
OReilly Software WebBoard 4.10.30 Pager Hostile JavaScript Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2814/info O'Reilly WebBoard is a conferencing utility, forum, threaded discussion and real-time chat server. Versions of WebBoard are vulnerable to a JavaScript code execution bug which may allow a remote denial of servic...
SIX-webboard 2.01 File Retrieval Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3175/info SIX-webboard 2.01 does not filter .. and / from user input, allowing users to enter arbitrary values in order to view or retrieve files not normally accessible to them from the remote host...
Webboard <= 2.90 beta - Remote File Disclosure Vulnerability
No description provided by source. Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends ============================================================= There...
PHPSTREET Webboard 1.0 'show.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32635/info PHPSTREET Webboard is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
WebBoard CMS Cross Site Scripting
. ,;' / . ,'/ .' . X /.' .-;--''--.. .' / , IeDb.ir ' Q ' , , . \ ,.| ' -.;' : . ; --,..; ' , .' . , ' / ; ,''-,;' - -..-- Exploit Title : WebBoard CMS Multiple Vulnerability Author : IeDb Security Team Discovered By : Bl4ck M4n Home : http://www.iedb.ir/acc Security Risk : High...
CVE-2011-5204
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database...
Sql injection
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...
Information disclosure
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database...
CVE-2011-5203
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...
CVE-2011-5204
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database...
CVE-2011-5203
SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attackers to execute arbitrary SQL commands via the name parameter. NOTE: some of these details are obtained from third party information...
CVE-2011-5204
This CVE concerns Akiva WebBoard 8.x, where passwords are stored in plaintext in the database. The underlying issue is plaintext credential storage, enabling local users to read sensitive information by accessing the database. Practical impact is limited to local access scenarios as no remote/exp...
CVE-2011-5203
CVE-2011-5203 concerns a SQL injection in Akiva WebBoard’s WB/Default.asp before version 8 SR 1, exploitable remotely via the name parameter. Affected component is WebBoard’s server-side script; underlying issue is improper input handling enabling arbitrary SQL execution. NVD reports a CVSS v2 ba...
Akiva WebBoard 8. x SQL injection flaws and fixes-vulnerability warning-the black bar safety net
Title: Akiva Webboard 8. x SQL Injection + Plaintext Passwords in Profiles. Author: Alexander Fuchs www.2cto.com Download address: http://www.akiva.com/default.asp?l=1&id=8 Affected versions: 8. x Test platform: Windows, Linux. It is possible to login as administrator with admin'-- as the usernam...
Akiva WebBoard 8.x - SQL Injection
Akiva WebBoard 8.x - SQL Injection Exploit Title: Akiva Webboard 8.x SQL Injection + Plaintext Passwords in Profiles. Google Dork: " /Powered by WebBoard 8"/ Date: 30.12.2011 Author: Alexander Fuchs Software Link: http://www.akiva.com/default.asp?l=1&id=8 Version: 8.x Tested on: Windows, Linux. C...
Akiva WebBoard 8.x SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Akiva Webboard 8.x SQL Injection + Plaintext Passwords in Profiles. Google Dork: " /Powered by WebBoard 8"/ Date: 30.12.2011 Author: Alexander Fuchs Software Link: http://www.akiva.com/default.asp?l=1&id=8 Version: 8.x Tested on...
Akiva WebBoard 8.x - SQL Injection
Exploit Title: Akiva Webboard 8.x SQL Injection + Plaintext Passwords in Profiles. Google Dork: " /Powered by WebBoard 8"/ Date: 30.12.2011 Author: Alexander Fuchs Software Link: http://www.akiva.com/default.asp?l=1&id=8 Version: 8.x Tested on: Windows, Linux. CVE : Nope. It is possible to login ...
Akiva Webboard SQL Injection
Hey, this is my first time that i report a vulnerability to a mailing list. The problem on the Akiva Webboard is, that you can login as Administrator with admin'-- SQL Injection and if you go to the adminprofil you can see the Adminpasswort in the HTML code. The current version is 9. I do only kn...
Webboard (topic-list.php?pid=) SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================================== Webboard topic-list.php?pid= SQL Injection Vulnerability ========================================================== + Discovered By : Cr4cK3R-LuL! + Date : 29 October 2010 + Support...
Webboard (topic_id=) SQL Injection Vulnerability
Exploit for php platform in category web applications ================================================ Webboard topicid= SQL Injection Vulnerability ================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. cucunya kongSANUN ;...