Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1881
Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to model.php with a timestamp prior to 20090521.
Mt312 Img-bbs
7.5
CVSSv2
CVE-2007-3934
PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote malicious users to execute arbitrary PHP code via a URL in the p_mode parameter.
Bbs E-market
1 EDB exploit
4.3
CVSSv2
CVE-2009-1880
Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps prior to 20090521.
Mt312 Rep-bbs
7.5
CVSSv2
CVE-2015-0868
Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS prior to 2.91 allows remote malicious users to execute arbitrary code by uploading an executable file.
Shiromuku Bu2 Bbs
4.3
CVSSv2
CVE-2012-4019
Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote malicious users to inject arbitrary web script or HTML via vectors related to the error page.
C61 Tokyo Bbs -
6.5
CVSSv2
CVE-2021-43098
A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function.
Diyhi Bbs 5.3
6.5
CVSSv2
CVE-2021-43102
A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
4.3
CVSSv2
CVE-2009-2226
Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/11/23 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Php.s3 Tree Bbs
6.5
CVSSv2
CVE-2021-43097
A Server-side Template Injection (SSTI) vulnerability exists in bbs 5.3 in TemplateManageAction.javawhich could let a malicoius user execute arbitrary code.
Diyhi Bbs 5.3
4
CVSSv2
CVE-2021-43099
An Archive Extraction (AKA "Zip Slip) vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds d...
Diyhi Bbs 5.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »