wired community software wwwthreads vulnerabilities and exploits

(subscribe to this query)

Multiple cross-site scripting (XSS) vulnerabilities in WWWthreads 5.4.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the Cat parameter to (1) dosearch.php, (2) postlist.php, (3) showmembers.php, (4) faq_english.php, (5) online.php,...

Wired Community Software Wwwthreads 5.4 Wired Community Software Wwwthreads Rc3 Wired Community Software Wwwthreads

Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote malicious users to inject arbitrary web script or HTML via the week parameter.

Wired Community Software Wwwthreads Rc3 Wired Community Software Wwwthreads 5.4

1 EDB exploit

Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote malicious users to execute arbitrary SQL commands via (1) the forumreferrer cookie to register.php and (2) the messages parameter in message_list.php.

Wired Community Software Wwwthreads Rc3

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 up to and including 5.0.9 allows remote malicious users to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension.

Infopop Ultimate Bulletin Board 5.4 Wired Community Software Wwwthreads 5.0 Wired Community Software Wwwthreads 5.0.6 Wired Community Software Wwwthreads 5.0.8 Wired Community Software Wwwthreads 5.0.9

wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote malicious users to gain privileges for wwwthreads forums.

Wired Community Software Wwwthreads

1 EDB exploit

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook