Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-0455
Cross-site scripting (XSS) vulnerability in Things BBS prior to 2.0.3 and BBS Thread prior to 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Thingslabo Things Bbs
Thingslabo Things Bbs 1.1.0
Thingslabo Things Bbs 1.0.4
Thingslabo Things Bbs 2.0.1
Thingslabo Things Bbs 2.0.0
Thingslabo Bbs Thread 1.0.0
Thingslabo Bbs Thread 2.0.0
Thingslabo Bbs Thread 2.0.1
Thingslabo Bbs Thread
10
CVSSv2
CVE-2007-0368
Stack-based buffer overflow in mbse-bbs 0.70 and previous versions allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.
Michiel Broek Mbse-bbs 0.36
Michiel Broek Mbse-bbs 0.38
Michiel Broek Mbse-bbs 0.33.17
Michiel Broek Mbse-bbs 0.60
Michiel Broek Mbse-bbs 0.70
Michiel Broek Mbse-bbs 0.33.18
Michiel Broek Mbse-bbs 0.33.19
Michiel Broek Mbse-bbs 0.33.20
Michiel Broek Mbse-bbs 0.35.7
1 EDB exploit
7.5
CVSSv2
CVE-2001-1207
Buffer overflows in DayDream BBS 2.9 up to and including 2.13 allow remote malicious users to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
Daydream Daydream Bbs 2.10
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
7.5
CVSSv2
CVE-2001-1208
Format string vulnerability in DayDream BBS allows remote malicious users to execute arbitrary code via format string specifiers in a file containing a ~#RA control code.
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
Daydream Daydream Bbs 2.10
NA
CVE-2023-36222
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the comment parameter in the article function.
Bbs-go Bbs-go
NA
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the announcements parameter in the settings function.
Bbs-go Bbs-go
NA
CVE-2023-27089
Cross Site Scripting vulnerability found in Ehuacui BBS allows malicious users to cause a denial of service via a crafted payload in the login parameter.
Ehuacui-bbs Project Ehuacui-bbs -
NA
CVE-2022-4347
A vulnerability was found in xiandafu beetl-bbs. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file WebUtils.java. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. Th...
Beetl-bbs Project Beetl-bbs -
3.5
CVSSv2
CVE-2021-38221
bbs-go <= 3.3.0 including Custom Edition is vulnerable to stored XSS.
Bbs-go Project Bbs-go
5
CVSSv2
CVE-2008-5597
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for db/cforum.mdb.
Cold Bbs Cold Bbs Nil
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »