Bugtraq: DeluxeBB 1.1 XSS Vulnerability


Related Files:

  • http://packetstormsecurity.com/0711-exploits/deluxebb-bypass.txt

    DeluxeBB versions 1.09 and below remote change exploit that manipulates user or administrative e-mail addresses.  Homepage: http://www.opencosmo.com/. Authored By Nexen

  • http://packetstormsecurity.com/0607-exploits/deluxeBB.txt

    DeluxeBB versions 1.07 and below suffer from multiple vulnerabilities including SQL injection and cross site scripting flaws. Authored By Jessica Hope, Th3 M0ths

  • http://packetstormsecurity.com/0605-exploits/DeluxeBB.txt

    DeluxeBB version 1.06 remote SQL injection exploit.  Homepage: http://contropotere.netsons.org/. Authored By KingOfSka

  • http://packetstormsecurity.com/0606-exploits/secunia-deluxebb.txt

    Secunia Research has discovered some vulnerabilities in DeluxeBB version 1.06, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. Related CVE Numbers: CVE-2006-2914, CVE-2006-2915. Homepage: http://secunia.com/. Authored By Andreas Sandblad

  • http://packetstormsecurity.com/docs/infosec/bugtraq.ids.thread.txt

    Complete archive of the excellent threads recently posted on the BugTraq mailing list regarding Intrusion Detection Systems. IDS theories, implementations, problems, and reviews of commercial products are among the topics covered.

  • http://packetstormsecurity.com/0311-exploits/_BSSADV-0000.txt

    Bugtraq Security Systems Security Advisory - Multiple vulnerabilities have been discovered in the Applied Watch Command Center IDS. Two exploits have been released to demonstrate these flaws. The first, appliedsnatch.c, allows a remote attacker to add a user to the console without having to authenticate to the system. The second, addrule.c, allows a remote attacker to add custom IDS alerts to all sensor nodes in a network, enabling a human denial-of-service attack by making good packets look bad. Related CVE Numbers: CAN-2003-0970, CAN-2003-0971.  Homepage: http://www.bugtraq.org. Authored By The Bugtraq Team

  • http://packetstormsecurity.com/0704-advisories/pico-traverse.txt

    Acubix PicoZip version 4.02 suffers from a directory traversal vulnerability.  Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi

  • http://packetstormsecurity.com/0707-advisories/t1lib.txt

    T1Lib suffers from a buffer overflow vulnerability.  Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi

  • http://packetstormsecurity.com/0704-exploits/exponent-multi.txt

    Exponent CMS versions 0.96.6-Alpha and below are susceptible to directory traversal and cross site scripting vulnerabilities.  Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi

  • http://packetstormsecurity.com/0704-exploits/rspa-rfi.txt

    Really Simple PHP and Ajax, or RSPA, is susceptible to a remote file inclusion vulnerability. Version RSPA-2007-03-23 is susceptible.  Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi
