CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple cross-site scripting XSS vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the 1 country parameter to viewuser.php, 2 show parameter to viewforum.php, 3 letter parameter to viewuser.php, 4 highlight parameter to viewtopic.php, 5 show...

4.3CVSS5.9AI score0.00427EPSS

Exploits1References1

seebug.org•added 2014/07/01 12:0 a.m.•14 views

WowBB 1.6 View_User.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13569/info WowBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query. Successful exploitation could resu...

7.1AI score

Exploits0

0day.today•added 2010/06/14 12:0 a.m.•41 views

WowBB <= 1.7 XSS Vulnerabilities

Exploit for php platform in category web applications ================================ WowBB = 1.7 XSS Vulnerabilities ================================ +-------------------------------------------------------------------------------------------------------------------------------+ | | | | |...

7.1AI score

Exploits0

NVD•added 2005/12/21 12:3 a.m.•9 views

CVE-2005-4431

SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the viewuser.php/sortby vector is already covered by CVE-2005-1554 and CVE-2004-2181...

7.5CVSS8.1AI score0.00584EPSS

Exploits1References3

CVE•added 2005/12/21 12:0 a.m.•36 views

CVE-2005-4431

CVE-2005-4431 describes an SQL injection in WowBB 1.65 where remote attackers can execute arbitrary SQL via the q parameter to search.php. The core issue is a vulnerable input handling path in the search functionality of WowBB’s PHP code, enabling database query manipulation. The CVE entry notes ...

7.5CVSS8.4AI score0.00584EPSS

Exploits1References3Affected Software1

Cvelist•added 2005/12/21 12:0 a.m.•16 views

CVE-2005-4431

8AI score0.00584EPSS

Exploits1References3

securityvulns•added 2005/11/26 12:0 a.m.•36 views

WowBB 1.65 vuln.

WowBB 1.65 vuln. Vuln. dicovered by : r0t Date: 26 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/wowbb-165-sql-vuln.html Vendor:http://www.wowbb.com affected version: 1.65 and prior Product description: WowBB is PHP/MySQL powered forum software that offers innovative features suc...

0.5AI score

Exploits0

OpenVAS•added 2005/11/03 12:0 a.m.•17 views

WowBB view_user.php SQL Injection Flaw

The remote web server contains a PHP script that is affected by a SQL injection flaw. Description : The remote host is running WowBB, a web-based forum written in PHP. The remote version of this software is vulnerable to SQL injection attacks through the script 'viewuser.php'. A malicious user ca...

7.5CVSS7.5AI score0.00743EPSS

Exploits1References2

OpenVAS•added 2005/11/03 12:0 a.m.•21 views

WowBB view_user.php SQL Injection Flaw

The remote version of this WowBB is vulnerable to SQL injection attacks through the script SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.2AI score0.00743EPSS

Exploits1References3

OpenVAS•added 2005/11/03 12:0 a.m.•16 views

WowBB <= 1.61 multiple flaws

The remote web server contains a PHP application that is prone to multiple flaws. Description : The remote host is running WowBB, a web-based forum written in PHP. According to its version, the remote installation of WowBB is 1.61 or older. Such versions are vulnerable to cross-site scripting and...

7.5CVSS0.1AI score0.00427EPSS

Exploits2References1

OpenVAS•added 2005/11/03 12:0 a.m.•21 views

WowBB <= 1.61 multiple flaws

According to its version, the remote installation of WowBB is 1.61 or older. Such versions are vulnerable to cross-site scripting and SQL injection attacks. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5CVSS6.4AI score0.00427EPSS

Exploits2References2

Packet Storm•added 2005/08/07 12:0 a.m.•22 views

wowbbSQL.txt

An attacker can exploit this vulnerability to gain admin username and password. http://www.wowbb.com/ Vulnerable versions: 1.6 1.61 1.62 Proof of concept: http://www.example.com/wowbb/viewuser.php?list=1&letter=&sortby='SQL Injection...

7.4AI score

Exploits0

Cvelist•added 2005/07/10 4:0 a.m.•15 views

CVE-2004-2180

5.7AI score0.00427EPSS

Exploits1References2

CVE•added 2005/07/10 4:0 a.m.•48 views

CVE-2004-2181

CVE-2004-2181 affects WowBB Forum 1.61 (and related vectors reported in 1.65). It is due to multiple SQL injection flaws allowing remote attackers to manipulate SQL queries via view_user.php parameters (sort_by, page) or via the forum_id parameter to view_topic.php. The CVSS base score is 7.5 (HI...

7.5CVSS8.4AI score0.00329EPSS

Exploits1References3Affected Software1

CVE•added 2005/07/10 4:0 a.m.•52 views

CVE-2004-2180

WowBB Forum 1.61 and earlier versions are affected by multiple cross-site scripting (XSS) vulnerabilities. The flaws allow attackers to inject arbitrary script/HTML via numerous vectors: country (view_user.php), show (view_forum.php), letter (view_user.php), highlight (view_topic.php), show (inde...

4.3CVSS5.8AI score0.00427EPSS

Exploits1References2Affected Software1

Cvelist•added 2005/07/10 4:0 a.m.•13 views

CVE-2004-2181

Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the 1 sortby or 2 page parameters to viewuser.php, or the 3 forumid parameter to viewtopic.php. NOTE: the sortby vector was later reported to be present in WowBB 1.65...

8.3AI score0.00329EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by