Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-0455
Cross-site scripting (XSS) vulnerability in Things BBS prior to 2.0.3 and BBS Thread prior to 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Thingslabo Things Bbs
Thingslabo Things Bbs 1.1.0
Thingslabo Things Bbs 1.0.4
Thingslabo Things Bbs 2.0.1
Thingslabo Things Bbs 2.0.0
Thingslabo Bbs Thread 1.0.0
Thingslabo Bbs Thread 2.0.0
Thingslabo Bbs Thread 2.0.1
Thingslabo Bbs Thread
10
CVSSv2
CVE-2007-0368
Stack-based buffer overflow in mbse-bbs 0.70 and previous versions allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.
Michiel Broek Mbse-bbs 0.36
Michiel Broek Mbse-bbs 0.38
Michiel Broek Mbse-bbs 0.33.17
Michiel Broek Mbse-bbs 0.60
Michiel Broek Mbse-bbs 0.70
Michiel Broek Mbse-bbs 0.33.18
Michiel Broek Mbse-bbs 0.33.19
Michiel Broek Mbse-bbs 0.33.20
Michiel Broek Mbse-bbs 0.35.7
1 EDB exploit
7.5
CVSSv2
CVE-2001-1207
Buffer overflows in DayDream BBS 2.9 up to and including 2.13 allow remote malicious users to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
Daydream Daydream Bbs 2.10
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
7.5
CVSSv2
CVE-2001-1208
Format string vulnerability in DayDream BBS allows remote malicious users to execute arbitrary code via format string specifiers in a file containing a ~#RA control code.
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
Daydream Daydream Bbs 2.10
NA
CVE-2023-36222
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the comment parameter in the article function.
Bbs-go Bbs-go
NA
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the announcements parameter in the settings function.
Bbs-go Bbs-go
NA
CVE-2023-1200
A vulnerability was found in ehuacui bbs. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and ...
Ehuacui-bbs Project Ehuacui-bbs -
3.5
CVSSv2
CVE-2021-38221
bbs-go <= 3.3.0 including Custom Edition is vulnerable to stored XSS.
Bbs-go Project Bbs-go
NA
CVE-2023-27089
Cross Site Scripting vulnerability found in Ehuacui BBS allows malicious users to cause a denial of service via a crafted payload in the login parameter.
Ehuacui-bbs Project Ehuacui-bbs -
5
CVSSv2
CVE-2008-5597
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for db/cforum.mdb.
Cold Bbs Cold Bbs Nil
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »