Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unclassified newsboard unclassified newsboard vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2405
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and previous versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard 1.5.3
Unclassified Newsboard Unclassified Newsboard 1.5.3 Patch3
Unclassified Newsboard Unclassified Newsboard 1.5.3a
Unclassified Newsboard Unclassified Newsboard 1.6.1
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2006-2406
Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in ...
Unclassified Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2005-2855
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote malicious users to inject arbitrary web script or HTML via the description field.
Unclassified Newsboard Unclassified Newsboard 1.5.3
1 EDB exploit
NA
CVE-2007-1597
Unclassified NewsBoard 1.6.3 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to obtain (1) the board log via a direct request for logs/board-YYYY-MM-DD.log, (2) the mail and private message (PM) log via a direc...
Unclassified Newsboard Unclassified Newsboard 1.6.3
NA
CVE-2005-3686
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard prior to 1.5.3 Patch 4 allows remote malicious users to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
Newsboard Unclassified Newsboard
1 EDB exploit
NA
CVE-2009-1947
SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686...
Newsboard Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1948
Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote malicious users to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filenam...
Unclassified Newsboard 1.6.4
1 EDB exploit
NA
CVE-2009-1949
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Unclassified Newsboard 1.6.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started