Lucene search
+L
427bbFourtwosevenbb

4 matches found

CVE
CVE
added 2006/01/10 11:0 a.m.151 views

CVE-2006-0154

The CVE-2006-0154 issue affects the 427BB software (versions 2.2 and 2.2.1) in the showthread.php component, where the ForumID parameter causes a SQL injection vulnerability. The root cause is an unvalidated input path in the showthread.php handler, allowing remote attackers to execute arbitrary ...

7.5CVSS8.4AI score0.01323EPSS
CVE
CVE
added 2006/01/10 11:0 a.m.138 views

CVE-2006-0153

CVE-2006-0153 affects 427BB Fourtwosevenbb (versions 2.2 and 2.2.1) where authentication credentials are verified using username, authenticated, and usertype cookies. The vulnerability allows remote attackers to bypass authentication by crafting a valid username and usertype and setting the authe...

7.5CVSS6.8AI score0.03381EPSS
CVE
CVE
added 2006/01/10 11:0 a.m.70 views

CVE-2006-0155

CVE-2006-0155 describes a cross-site scripting (XSS) flaw in the 427BB web app, specifically in posts.php across versions 2.2 and 2.2.1. The issue arises when a user submits a new message that uses a url BBCode tag containing a javascript URI, allowing remote attackers to inject arbitrary JavaScr...

4.3CVSS5.9AI score0.01384EPSS
CVE
CVE
added 2005/03/04 5:0 a.m.56 views

CVE-2005-0629

The CVE-2005-0629 issue concerns multiple XSS vulnerabilities in profile.php of 427BB 2.2. The vulnerability is triggered by the (1) user or (2) Avatar parameters, allowing remote attackers to inject arbitrary web script or HTML. The NVD entry documents a MEDIUM severity (CVSS v2: AV:N/AC:M/Au:N/...

4.3CVSS6AI score0.02127EPSS