Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
newsboard unclassified newsboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2405
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and previous versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard 1.5.3
Unclassified Newsboard Unclassified Newsboard 1.5.3 Patch3
Unclassified Newsboard Unclassified Newsboard 1.5.3a
Unclassified Newsboard Unclassified Newsboard 1.6.1
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2006-2406
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2005-2855
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote malicious users to inject arbitrary web script or HTML via the description field.
Unclassified Newsboard Unclassified Newsboard 1.5.3
1 EDB exploit
NA
CVE-2007-1597
Unclassified NewsBoard 1.6.3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain (1) the board log via a direct request for logs/board-YYYY-MM-DD.log, (2) the mail and private message (PM) log via a direc...
Unclassified Newsboard Unclassified Newsboard 1.6.3
NA
CVE-2005-3686
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard prior to 1.5.3 Patch 4 allows remote malicious users to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2009-1947
SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
Newsboard Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1948
Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote malicious users to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filenam...
Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1949
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Unclassified Newsboard 1.6.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started