Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1880
Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to (1) model.php and (2) config.php with timestamps prior to 20090521.
Mt312 Rep-bbs
4.3
CVSSv2
CVE-2009-1881
Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to model.php with a timestamp prior to 20090521.
Mt312 Img-bbs
4.3
CVSSv2
CVE-2009-2226
Cross-site scripting (XSS) vulnerability in Let's PHP! Tree BBS 2004/11/23 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Php.s3 Tree Bbs
4.3
CVSSv2
CVE-2005-4306
Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) pg, (2) tid, (3) cid, and (4) fid parameters to netboardr.cgi, or (5) cid parameter to search.cgi.
Focalmedia.net Sitenet Bbs
2 EDB exploits
7.5
CVSSv2
CVE-2009-4871
SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the forumid parameter.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
5
CVSSv2
CVE-2001-0123
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the file parameter.
Extropia Bbs Forum.cgi 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4872
Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) username and (2) password fields.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
NA
CVE-2023-27755
go-bbs v1 exists to contain an arbitrary file download vulnerability via the component /api/v1/download.
71note Go-bbs 1.0
5
CVSSv2
CVE-2009-4545
Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for database/globepersonnel.mdb.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-4546
globepersonnel_login.asp in Logoshows BBS 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »