Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2015-2970
index.php in LEMON-S PHP Simple Oekaki BBS prior to 1.21 allows remote malicious users to delete arbitrary files via the oekakis parameter.
Lemon-s Php Simple Oekaki
7.5
CVSSv2
CVE-2015-0868
Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS prior to 2.91 allows remote malicious users to execute arbitrary code by uploading an executable file.
Shiromuku Bu2 Bbs
4.3
CVSSv2
CVE-2014-7262
Cross-site scripting (XSS) vulnerability in the Omake BBS component in ULTRAPOP.JP i-HTTPD allows remote malicious users to inject arbitrary web script or HTML via a crafted string.
Ultrapop I-httpd
7.5
CVSSv2
CVE-2014-7260
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote malicious users to execute arbitrary commands by uploading files containing commands in SSI directives.
Ultrapop I-httpd -
6.5
CVSSv2
CVE-2014-2339
Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter.
Sir Gnuboard 4.34.20
Sir Gnuboard
Sir Gnuboard 4.31.3
Sir Gnuboard 4.33.2
Sir Gnuboard 4.34.21
Sir Gnuboard 4.31.4
1 EDB exploit
4.3
CVSSv2
CVE-2012-4019
Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote malicious users to inject arbitrary web script or HTML via vectors related to the error page.
C61 Tokyo Bbs -
7.5
CVSSv2
CVE-2011-4066
SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and previous versions allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO.
Sir Gnuboard 3.38
Sir Gnuboard 3.37
Sir Gnuboard
Sir Gnuboard 4.31.03
Sir Gnuboard 3.34
Sir Gnuboard 3.33
Sir Gnuboard 3.32
Sir Gnuboard 3.40
Sir Gnuboard 3.39
Sir Gnuboard 3.31
Sir Gnuboard 3.30
Sir Gnuboard 3.36
Sir Gnuboard 3.35
1 EDB exploit
4.3
CVSSv2
CVE-2011-0455
Cross-site scripting (XSS) vulnerability in Things BBS prior to 2.0.3 and BBS Thread prior to 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Thingslabo Things Bbs
Thingslabo Things Bbs 1.1.0
Thingslabo Things Bbs 1.0.4
Thingslabo Things Bbs 2.0.1
Thingslabo Things Bbs 2.0.0
Thingslabo Bbs Thread 1.0.0
Thingslabo Bbs Thread 2.0.0
Thingslabo Bbs Thread 2.0.1
Thingslabo Bbs Thread
4.3
CVSSv2
CVE-2010-3931
Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and previous versions, P up board 1.38 and other versions, P diary R 1.13 and previous versions, P link 1.11 and previous versions, P link compact 1.0...
Rocomotion P Board
Rocomotion P Diary R
Rocomotion P Forum
Rocomotion P Link
Rocomotion P Link Compact
Rocomotion P Up Board
Rocomotion Pm Bbs
Rocomotion Pm Forum
Rocomotion Pplog
Rocomotion Pplog 2
10
CVSSv2
CVE-2010-2361
Winny 2.0b7.1 and previous versions does not properly process BBS information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks.
Winny Winny
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »