Lucene search
Pd9 SoftwareMegabbs
2 matches found
CVE-2008-0436
Cross-site scripting (XSS) vulnerability in profile-upload/upload.asp in PD9 Software MegaBBS 1.5.14b allows remote attackers to inject arbitrary web script or HTML via the target parameter.
4.3CVSS5.7AI score0.0029EPSS
CVE-2008-2022
Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) toid parameter to send-private-message.asp and the (2) redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication.
4.3CVSS5.8AI score0.02024EPSS