3 matches found
CVE-2004-2180
WowBB Forum 1.61 and earlier versions are affected by multiple cross-site scripting (XSS) vulnerabilities. The flaws allow attackers to inject arbitrary script/HTML via numerous vectors: country (view_user.php), show (view_forum.php), letter (view_user.php), highlight (view_topic.php), show (inde...
CVE-2004-2181
CVE-2004-2181 affects WowBB Forum 1.61 (and related vectors reported in 1.65). It is due to multiple SQL injection flaws allowing remote attackers to manipulate SQL queries via view_user.php parameters (sort_by, page) or via the forum_id parameter to view_topic.php. The CVSS base score is 7.5 (HI...
CVE-2005-1554
CVE-2005-1554 is an SQL injection vulnerability in WowBB’s view_user.php that affects WowBB versions 1.6, 1.61, and 1.62. The vulnerability permits remote attackers to execute arbitrary SQL commands via the sort_by parameter, as documented in multiple sources (NVD entries and CVE records). The Op...