Logoshows Bbs@2.0 Security Vulnerabilities and Issues — Logoshows Bbs@2.0 CVE List

Lucene search

LogoshowsLogoshows Bbs2.0

4 matches found

cve•added 2010/05/11 12:2 p.m.•42 views

CVE-2009-4871

SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.

7.5CVSS8.7AI score0.00279EPSS

cve•added 2010/05/11 12:2 p.m.•41 views

CVE-2009-4872

Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.

7.5CVSS8.9AI score0.00103EPSS

cve•added 2010/01/04 5:30 p.m.•35 views

CVE-2009-4546

globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.

7.5CVSS7.4AI score0.01545EPSS

cve•added 2010/01/04 5:30 p.m.•29 views

CVE-2009-4545

Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb.

5CVSS6.5AI score0.01612EPSS