Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-23390
An issue in the getType function of BBS Forum v5.3 and below allows malicious users to upload arbitrary files.
Diyhi Bbs Forum
505
VMScore
CVE-2017-6371
Synchronet BBS 3.16c for Windows allows remote malicious users to cause a denial of service (service crash) via a long string in the HTTP Referer header.
Synchro Bbs 3.16c
1 EDB exploit
578
VMScore
CVE-2021-43103
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
755
VMScore
CVE-2007-3934
PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote malicious users to execute arbitrary PHP code via a URL in the p_mode parameter.
Bbs E-market
1 EDB exploit
505
VMScore
CVE-2001-0123
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote malicious users to read arbitrary files via a .. (dot dot) attack on the file parameter.
Extropia Bbs Forum.cgi 1.0
1 EDB exploit
NA
CVE-2023-27755
go-bbs v1 exists to contain an arbitrary file download vulnerability via the component /api/v1/download.
71note Go-bbs 1.0
505
VMScore
CVE-2009-4545
Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for database/globepersonnel.mdb.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
755
VMScore
CVE-2009-4546
globepersonnel_login.asp in Logoshows BBS 2.0 allows remote malicious users to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
435
VMScore
CVE-2009-3152
Multiple cross-site scripting (XSS) vulnerabilities in becommunity/community/index.php in NTSOFT BBS E-Market Professional allow remote malicious users to inject arbitrary web script or HTML via the (1) page, (2) bt_code, and (3) b_no parameters in a board view action.
Nt Bbs E-market
1 EDB exploit
755
VMScore
CVE-2009-4871
SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote malicious users to execute arbitrary SQL commands via the forumid parameter.
Logoshows Logoshows Bbs 2.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »