Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deluxebb deluxebb 1.05 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3797
SQL injection vulnerability in DeluxeBB 1.07 and previous versions allows remote malicious users to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.06
NA
CVE-2006-3799
DeluxeBB 1.07 and previous versions allows remote malicious users to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION...
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.06
NA
CVE-2006-3798
DeluxeBB 1.07 and previous versions allows remote malicious users to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple...
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.06
NA
CVE-2006-4079
Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the subject parameter (aka the topic title field).
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.06
NA
CVE-2006-4080
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote malicious users to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.06
NA
CVE-2005-2989
Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.0
5 EDB exploits
NA
CVE-2006-5154
PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the templatefolder parameter.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
1 EDB exploit
NA
CVE-2008-6146
SQL injection vulnerability in pm.php in DeluxeBB 1.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via a delete##### parameter in a Delete action, a different vector than CVE-2005-2989.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
NA
CVE-2009-1033
SQL injection vulnerability in misc.php in DeluxeBB 1.3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the qorder parameter, a different vector than CVE-2005-2989 and CVE-2006-2503.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
NA
CVE-2010-1859
SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the membercookie cookie when adding a new thread.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.2
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »