2 matches found
CVE-2006-0407
CVE-2006-0407 affects AZ Bulletin Board (AZbb) 1.1.00 and earlier. The vulnerability is a cross-site scripting (XSS) flaw in post.php, exploitable via the nickname parameter and an iframe tag in the topic parameter, enabling injection of arbitrary HTML/JavaScript by an attacker. The description n...
CVE-2005-1200
AZ Bulletin Board (AZBB) < 1.0.07d is affected by a PHP remote file inclusion in main_index.php (AZBB 1.0.07a–c) via dir_src or abs_layer parameters, enabling arbitrary PHP code execution on a remote server. The official CVE entry (CVE-2005-1200) documents RSF/URL-based code inclusion in AZBB....