2 matches found
CVE-2006-1638
CVE-2006-1638 : AWebBB 1.2 has multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via user-supplied input. Affected scripts include accounts.php, changep.php, editac.php, feedback.php, fpass.php, login.php, post.php, reply.php, and reply_log.php (...
CVE-2006-1637
The CVE-2006-1637 entry describes multiple XSS vulnerabilities in aWebBB 1.2. Affected scripts: post.php (parameters tname, fpost); editac.php (fullname, emailadd, country, sig, otherav); register.php (fullname, emailadd, country). The underlying issue is insufficient sanitization of user-supplie...