Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deluxebb deluxebb 1.08 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2006-5154
PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the templatefolder parameter.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
1 EDB exploit
685
VMScore
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
1 EDB exploit
668
VMScore
CVE-2006-4078
pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote malicious users to bypass authentication by providing an arbitrary username in the membercookie cookie parameter.
Deluxebb Deluxebb 1.08
685
VMScore
CVE-2010-1859
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the membercookie cookie when adding a new thread.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
1 EDB exploit
755
VMScore
CVE-2009-1033
SQL injection vulnerability in misc.php in DeluxeBB 1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.08
1 EDB exploit
685
VMScore
CVE-2010-4151
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006...
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
605
VMScore
CVE-2006-4079
Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the subject parameter (aka the topic title field).
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.07
231
VMScore
CVE-2006-4080
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote malicious users to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb
231
VMScore
CVE-2006-3795
Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB prior to 1.08 allow remote malicious users to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php.
Deluxebb Deluxebb
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started