Lucene search
K
Ideal ScienceIdealbb

8 matches found

CVE
CVE
added 2006/05/12 12:0 a.m.56 views

CVE-2006-2319

CVE-2006-2319 affects Ideal Science Ideal BB 1.5.4a and earlier. The vulnerability arises from improper validation of file extensions before upload, allowing a remote attacker to insert a 0x00 character before the ".asp" portion of a filename to upload and execute an ASP script on the server. The...

5CVSS6.9AI score0.01922EPSS
CVE
CVE
added 2006/05/12 12:0 a.m.55 views

CVE-2006-2321

CVE-2006-2321 documents multiple XSS vulnerabilities in IdealBB (Ideal Science) 1.5.4a and earlier. Attackers could inject arbitrary script/HTML via unknown vectors in the web application. A note flags potential overlap with CVE-2004-2207. Connected sources also reference older CVE-2004-2207 for ...

4.3CVSS5.6AI score0.01373EPSS
CVE
CVE
added 2005/07/10 4:0 a.m.52 views

CVE-2004-2207

CVE-2004-2207 affects IdealBB, a web-based bulletin board, with a cross-site scripting (XSS) vulnerability reported in versions 1.4.9 through 1.5.3. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unknown vectors. The connected OpenVAS and CVE records corrobor...

4.3CVSS5.6AI score0.01164EPSS
CVE
CVE
added 2006/05/12 12:0 a.m.50 views

CVE-2006-2318

CVE-2006-2318 affects Ideal Science Ideal BB versions up to 1.5.4a. The flaw is an incomplete blacklist that allows a remote attacker to upload and execute an ASP script by uploading a ".asa" file, bypassing the ".asp" extension check but executable on the server. The NVD entry cites a CVSSv2 bas...

7.5CVSS6.9AI score0.02413EPSS
CVE
CVE
added 2006/05/12 12:0 a.m.49 views

CVE-2006-2320

CVE-2006-2320 affects IdealBB (Ideal Science) 1.5.4a and earlier. The vulnerability is described as multiple SQL injection flaws enabling remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. The public details do not specify exact ...

7.5CVSS8.1AI score0.01413EPSS
CVE
CVE
added 2005/07/10 4:0 a.m.48 views

CVE-2004-2208

IdealBB (Ideal Science) web bulletin board versions 1.4.9–1.5.3 are affected by a CRLF injection vulnerability that enables HTTP response splitting. The CVE-2004-2208 entries across NVD, Red Hat, CVE listing, and OpenVAS describe this as a remote issue with unknown vectors, impacting integrity (I...

5CVSS6.9AI score0.01336EPSS
CVE
CVE
added 2006/05/12 12:0 a.m.44 views

CVE-2006-2317

CVE-2006-2317 pertains to IdealBB 1.5.4a and earlier. The vulnerability arises from the OpenTextFile usage in Scripting.FileSystemObject, allowing remote attackers to read arbitrary files under the web root via unspecified attack vectors. The NVD notes the impact as partial confidentiality with n...

5CVSS6.7AI score0.01937EPSS
CVE
CVE
added 2005/07/10 4:0 a.m.40 views

CVE-2004-2209

CVE-2004-2209 concerns a SQL injection in the IdealBB web application from Ideal Science, affecting versions 1.4.9 through 1.5.3. The vulnerability allows remote attackers to execute arbitrary SQL commands via unknown vectors. The report notes a network-access vector with low attack complexity an...

7.5CVSS8.2AI score0.01198EPSS