Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
deluxebb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2195
Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and previous versions allows remote authenticated administrators to inject arbitrary PHP code into logs/cp.php via the URI.
Deluxebb Deluxebb
1 EDB exploit
NA
CVE-2008-0439
Cross-site scripting (XSS) vulnerability in templates/default/admincp/attachments_header.php in DeluxeBB 1.1 allows remote malicious users to inject arbitrary web script or HTML via the lang_listofmatches parameter.
Deluxebb Deluxebb 1.1
1 EDB exploit
NA
CVE-2007-6237
cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different...
Deluxebb Deluxebb 1.09
1 EDB exploit
NA
CVE-2006-5154
PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the templatefolder parameter.
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb 1.08
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.09
Deluxebb Deluxebb 1.06
1 EDB exploit
NA
CVE-2006-4558
DeluxeBB 1.06 and previous versions, when run on the Apache HTTP Server with the mod_mime module, allows remote malicious users to execute arbitrary PHP code by uploading files with double extensions via the fileupload parameter in a newthread action in newpost.php.
Deluxebb Deluxebb
1 EDB exploit
NA
CVE-2006-4079
Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote malicious users to inject arbitrary web script or HTML via the subject parameter (aka the topic title field).
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.07
NA
CVE-2006-4078
pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote malicious users to bypass authentication by providing an arbitrary username in the membercookie cookie parameter.
Deluxebb Deluxebb 1.08
NA
CVE-2006-4080
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote malicious users to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.0
Deluxebb Deluxebb 1.05
Deluxebb Deluxebb
NA
CVE-2006-3798
DeluxeBB 1.07 and previous versions allows remote malicious users to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple...
Deluxebb Deluxebb 1.06
Deluxebb Deluxebb 1.07
Deluxebb Deluxebb 1.05
NA
CVE-2006-3795
Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB prior to 1.08 allow remote malicious users to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php.
Deluxebb Deluxebb
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »