Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-43099
An Archive Extraction (AKA "Zip Slip) vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The vulnerability is exploited using a specially crafted archive that holds d...
Diyhi Bbs 5.3
578
VMScore
CVE-2021-43100
A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
578
VMScore
CVE-2021-43102
A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
578
VMScore
CVE-2021-43103
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
755
VMScore
CVE-2009-4546
globepersonnel_login.asp in Logoshows BBS 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
435
VMScore
CVE-2009-3152
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote malicious users to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action.
Nt Bbs E-market
1 EDB exploit
505
VMScore
CVE-2001-0123
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the file parameter.
Extropia Bbs Forum.cgi 1.0
1 EDB exploit
NA
CVE-2023-27755
go-bbs v1 exists to contain an arbitrary file download vulnerability via the component /api/v1/download.
71note Go-bbs 1.0
505
VMScore
CVE-2009-4545
Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for database/globepersonnel.mdb.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
NA
CVE-2023-34174
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Theme BBS e-Popup plugin <= 2.4.5 versions.
Bbsetheme Bbs E-popup
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »