Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pbboard pbboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9215
SQL injection vulnerability in the CheckEmail function in includes/functions.class.php in PBBoard 3.0.1 prior to 20141128 allows remote malicious users to execute arbitrary SQL commands via the email parameter in the register page to index.php. NOTE: the email parameter in the fo...
Pbboard Pbboard
1 EDB exploit
NA
CVE-2012-4036
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability c...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-4035
The new_password page in PBBoard 2.1.4 allows remote malicious users to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php.
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-1216
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 allow remote malicious users to hijack the authentication of administrators for requests that (1) upload a file via an add action or (2) change the contents of a file via a dit action.
Pbboard Pbboard 2.1.4
NA
CVE-2009-3649
Cross-site scripting (XSS) vulnerability in forums/index.php in Power Bulletin Board (PBBoard) 2.0.2 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the id parameter in a new_topic action.
Pbboard Pbboard 2.0.2
NA
CVE-2012-4034
Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote malicious users to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter ...
Pbboard Pbboard 2.1.4
1 EDB exploit
NA
CVE-2012-40341
PBBoard version 2.1.4 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started