Shodan
Vulnerabilities
Vulnerable Software
Openbb:  Security Vulnerabilities
CVE-2006-4722
PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php.
CVSS Score
7.5
EPSS Score
0.028
Published
2006-09-12
CVE-2005-2566
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter to board.php or (2) UID parameter to member.php.
CVSS Score
7.5
EPSS Score
0.011
Published
2005-08-16
CVE-2005-1612
SQL injection vulnerability in read.php in Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to execute arbitrary SQL commands via the TID parameter.
CVSS Score
7.5
EPSS Score
0.022
Published
2005-05-16
CVE-2005-1613
Cross-site scripting (XSS) vulnerability in member.php in Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to inject arbitrary web script or HTML via the reverse parameter in a list action.
CVSS Score
6.8
EPSS Score
0.037
Published
2005-05-16
CVE-2004-1966
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVSS Score
7.5
EPSS Score
0.013
Published
2004-12-31
CVE-2004-1968
The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter.
CVSS Score
5.0
EPSS Score
0.029
Published
2004-04-26
CVE-2004-1965
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
CVSS Score
4.3
EPSS Score
0.084
Published
2004-04-25
CVE-2004-1967
Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary code by including the code in an image tag or a link.
CVSS Score
8.8
EPSS Score
0.016
Published
2004-04-25
CVE-2004-1969
The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to execute arbitrary script by uploading files that include scripting code such as Javascript.
CVSS Score
7.5
EPSS Score
0.015
Published
2004-04-25
CVE-2002-1829
Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag.
CVSS Score
4.3
EPSS Score
0.036
Published
2002-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved