Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deluxebb deluxebb 1.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4151
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006...
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
NA
CVE-2009-1033
SQL injection vulnerability in misc.php in DeluxeBB 1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.08
1 EDB exploit
NA
CVE-2011-3725
DeluxeBB 1.3 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php.
Deluxebb Deluxebb 1.3
NA
CVE-2009-4465
DeluxeBB 1.3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain user and configuration information, log data, and gain administrative access via a direct request to scripts in (1) templates/ including (2...
Deluxebb Deluxebb 1.3
1 EDB exploit
NA
CVE-2009-4466
DeluxeBB 1.3 allows remote malicious users to obtain sensitive information via a crafted page parameter to misc.php, which reveals the installation path in an error message. NOTE: this issue might be resultant from improperly controlled computation in tools.php that leads to a de...
Deluxebb Deluxebb 1.3
1 EDB exploit
NA
CVE-2009-4468
Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Deluxebb Deluxebb 1.3
1 EDB exploit
NA
CVE-2009-4467
misc.php in DeluxeBB 1.3 allows remote malicious users to register accounts without a valid email address via a valemail action with the valmem set to a pre-assigned user ID, which is visible from a memberlist action.
Deluxebb Deluxebb 1.3
1 EDB exploit
NA
CVE-2010-1859
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the membercookie cookie when adding a new thread.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.1
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.07
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started