Lucene search
K
FunkboardFunkboard

6 matches found

CVE
CVE
added 2005/08/16 4:0 a.m.53 views

CVE-2005-2571

FunkBoard 0.66CF (and possibly earlier) has an access-control flaw: the admin/mysql_install.php and admin/pg_install.php scripts are not properly restricted, allowing an attacker to obtain the database username and password or inject arbitrary PHP code into info.php. The issue is described as a l...

6.4CVSS7.5AI score0.01156EPSS
CVE
CVE
added 2006/06/07 10:0 a.m.46 views

CVE-2006-2897

CVE-2006-2897 concerns FunkBoard 0.71 and is described as a cross‑site scripting (XSS) vulnerability. The affected component is FunkBoard 0.71; the underlying flaw is not detailed beyond the XSS vector being unspecified, with the NVD entry indicating the vulnerability can lead to HTML or script i...

2.6CVSS5.8AI score0.01234EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.41 views

CVE-2005-2569

Affected software: FunkBoard 0.66CF (and possibly earlier). Vulnerability: multiple cross-site scripting (XSS) flaws allow remote attackers to inject arbitrary script/HTML via numerous parameters across several pages (register.php, editpost.php, prefs.php, newtopic.php, reply.php, profile.php); l...

4.3CVSS6.1AI score0.01419EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.40 views

CVE-2005-2570

CVE-2005-2570 affects FunkBoard 0.66CF and possibly earlier releases. A direct request to forums.php can disclose sensitive information by revealing the path in an error message, enabling information disclosure. The available sources state the flaw but do not provide detailed exploit scenarios, a...

5CVSS6.6AI score0.01244EPSS
CVE
CVE
added 2006/06/07 10:0 a.m.40 views

CVE-2006-2896

CVE-2006-2896: FunkBoard CF0.71 suffers from a vulnerability in profile.php where a remote attacker can change arbitrary passwords by tampering with a hidden uid field in the Edit Profile action. Affected component is the profile handling in FunkBoard CF0.71; root cause is the inability to valida...

5CVSS6.8AI score0.09364EPSS
CVE
CVE
added 2006/11/06 11:0 p.m.38 views

CVE-2006-5775

Technical details about CVE-2006-5775 are not publicly provided in the connected documents. No explicit affected products, versions, or fixes are detailed here. Monitor for updates.

6.8CVSS6.2AI score0.01252EPSS