Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-0455
Cross-site scripting (XSS) vulnerability in Things BBS prior to 2.0.3 and BBS Thread prior to 2.0.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Thingslabo Things Bbs
Thingslabo Things Bbs 1.1.0
Thingslabo Things Bbs 1.0.4
Thingslabo Things Bbs 2.0.1
Thingslabo Things Bbs 2.0.0
Thingslabo Bbs Thread 1.0.0
Thingslabo Bbs Thread 2.0.0
Thingslabo Bbs Thread 2.0.1
Thingslabo Bbs Thread
1000
VMScore
CVE-2007-0368
Stack-based buffer overflow in mbse-bbs 0.70 and previous versions allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.
Michiel Broek Mbse-bbs 0.36
Michiel Broek Mbse-bbs 0.38
Michiel Broek Mbse-bbs 0.33.17
Michiel Broek Mbse-bbs 0.60
Michiel Broek Mbse-bbs 0.70
Michiel Broek Mbse-bbs 0.33.18
Michiel Broek Mbse-bbs 0.33.19
Michiel Broek Mbse-bbs 0.33.20
Michiel Broek Mbse-bbs 0.35.7
1 EDB exploit
668
VMScore
CVE-2001-1207
Buffer overflows in DayDream BBS 2.9 up to and including 2.13 allow remote malicious users to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
Daydream Daydream Bbs 2.10
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
668
VMScore
CVE-2001-1208
Format string vulnerability in DayDream BBS allows remote malicious users to execute arbitrary code via format string specifiers in a file containing a ~#RA control code.
Daydream Daydream Bbs 2.12
Daydream Daydream Bbs 2.13
Daydream Daydream Bbs 2.9
Daydream Daydream Bbs 2.10
NA
CVE-2023-36222
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the comment parameter in the article function.
Bbs-go Bbs-go
NA
CVE-2023-36223
Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote malicious user to execute arbitrary code via a crafted payload to the announcements parameter in the settings function.
Bbs-go Bbs-go
312
VMScore
CVE-2021-38221
bbs-go <= 3.3.0 including Custom Edition is vulnerable to stored XSS.
Bbs-go Project Bbs-go
505
VMScore
CVE-2008-5597
Cold BBS stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for db/cforum.mdb.
Cold Bbs Cold Bbs Nil
1 EDB exploit
NA
CVE-2023-1200
A vulnerability was found in ehuacui bbs. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and ...
Ehuacui-bbs Project Ehuacui-bbs -
NA
CVE-2022-4347
A vulnerability was found in xiandafu beetl-bbs. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file WebUtils.java. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. Th...
Beetl-bbs Project Beetl-bbs -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »