Dvbbs » Dvbbs : Security Vulnerabilities, CVEs,

CVE-2009-4470

SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2009-12-30
Updated
2018-10-10

CVE-2008-5222

SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Max CVSS
7.5
EPSS Score
0.07%
Published
2008-11-25
Updated
2018-10-11

CVE-2007-3774

Dvbbs 7.1.0 SP1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Data/Dvbbs7.mdb.
Max CVSS
7.8
EPSS Score
0.52%
Published
2007-07-15
Updated
2018-10-15

CVE-2005-2588

Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.
Max CVSS
4.3
EPSS Score
0.58%
Published
2005-08-17
Updated
2008-09-05

CVE-2005-2318

Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
Max CVSS
4.3
EPSS Score
0.10%
Published
2005-07-19
Updated
2008-09-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close