Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    14 vulnerabilities by softbb

    CVE-2014-9561 (GCVE-0-2014-9561)

    Vulnerability from nvd – Published: 2015-01-15 15:00 – Updated: 2024-08-06 13:47
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:47:41.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "71987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71987"
              },
              {
                "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-01-15T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "71987",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71987"
            },
            {
              "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9561",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "71987",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71987"
                },
                {
                  "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
                },
                {
                  "name": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
                },
                {
                  "name": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9561",
        "datePublished": "2015-01-15T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:47:41.640Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9560 (GCVE-0-2014-9560)

    Vulnerability from nvd – Published: 2015-01-15 15:00 – Updated: 2024-08-06 13:47
    VLAI
    Summary
    SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:47:41.566Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
              },
              {
                "name": "71986",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71986"
              },
              {
                "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-01-15T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
            },
            {
              "name": "71986",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71986"
            },
            {
              "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9560",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
                },
                {
                  "name": "71986",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71986"
                },
                {
                  "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
                },
                {
                  "name": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9560",
        "datePublished": "2015-01-15T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:47:41.566Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4631 (GCVE-0-2006-4631)

    Vulnerability from nvd – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/21761 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/28579 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "21761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21761"
              },
              {
                "name": "28579",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28579"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "softbb-admin-file-include(28749)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "21761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21761"
            },
            {
              "name": "28579",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28579"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "softbb-admin-file-include(28749)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4631",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "21761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21761"
                },
                {
                  "name": "28579",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28579"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "softbb-admin-file-include(28749)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4631",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.796Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4633 (GCVE-0-2006-4633)

    Vulnerability from nvd – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "softbb-index-path-disclosure(28748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "softbb-index-path-disclosure(28748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4633",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "softbb-index-path-disclosure(28748)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4633",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4632 (GCVE-0-2006-4632)

    Vulnerability from nvd – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/28578 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/28577 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/21761 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.774Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "28578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28578"
              },
              {
                "name": "28577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28577"
              },
              {
                "name": "21761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21761"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "softbb-addmembre-sql-injection(28747)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "28578",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28578"
            },
            {
              "name": "28577",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28577"
            },
            {
              "name": "21761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21761"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "softbb-addmembre-sql-injection(28747)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4632",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "28578",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28578"
                },
                {
                  "name": "28577",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28577"
                },
                {
                  "name": "21761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21761"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "softbb-addmembre-sql-injection(28747)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4632",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.774Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4593 (GCVE-0-2006-4593)

    Vulnerability from nvd – Published: 2006-09-06 22:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016797 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/19847 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1511 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/29886 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/445157/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016797",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016797"
              },
              {
                "name": "19847",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19847"
              },
              {
                "name": "1511",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1511"
              },
              {
                "name": "29886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29886"
              },
              {
                "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016797",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016797"
            },
            {
              "name": "19847",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19847"
            },
            {
              "name": "1511",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1511"
            },
            {
              "name": "29886",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29886"
            },
            {
              "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4593",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016797",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016797"
                },
                {
                  "name": "19847",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19847"
                },
                {
                  "name": "1511",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1511"
                },
                {
                  "name": "29886",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29886"
                },
                {
                  "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4593",
        "datePublished": "2006-09-06T22:00:00.000Z",
        "dateReserved": "2006-09-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1327 (GCVE-0-2006-1327)

    Vulnerability from nvd – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/23999 vdb-entryx_refsource_OSVDB
    https://www.exploit-db.com/exploits/1594 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17160 vdb-entryx_refsource_BID
    http://secunia.com/advisories/19283 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/1002 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:29.062Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23999"
              },
              {
                "name": "1594",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1594"
              },
              {
                "name": "softbb-reg-sql-injection(25320)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
              },
              {
                "name": "17160",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17160"
              },
              {
                "name": "19283",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19283"
              },
              {
                "name": "ADV-2006-1002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "23999",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23999"
            },
            {
              "name": "1594",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1594"
            },
            {
              "name": "softbb-reg-sql-injection(25320)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
            },
            {
              "name": "17160",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17160"
            },
            {
              "name": "19283",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19283"
            },
            {
              "name": "ADV-2006-1002",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "23999",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23999"
                },
                {
                  "name": "1594",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1594"
                },
                {
                  "name": "softbb-reg-sql-injection(25320)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
                },
                {
                  "name": "17160",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17160"
                },
                {
                  "name": "19283",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19283"
                },
                {
                  "name": "ADV-2006-1002",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1327",
        "datePublished": "2006-03-21T01:00:00.000Z",
        "dateReserved": "2006-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:29.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9561 (GCVE-0-2014-9561)

    Vulnerability from cvelistv5 – Published: 2015-01-15 15:00 – Updated: 2024-08-06 13:47
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:47:41.640Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "71987",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71987"
              },
              {
                "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-01-15T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "71987",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71987"
            },
            {
              "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9561",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to inject arbitrary web script or HTML via the post parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "71987",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71987"
                },
                {
                  "name": "20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Jan/21"
                },
                {
                  "name": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/129889/SoftBB-0.1.3-Cross-Site-Scripting.html"
                },
                {
                  "name": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://tetraph.com/security/cves/cve-2014-9561-softbb-net-softbb-xss-cross-site-scripting-security-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9561",
        "datePublished": "2015-01-15T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:47:41.640Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-9560 (GCVE-0-2014-9560)

    Vulnerability from cvelistv5 – Published: 2015-01-15 15:00 – Updated: 2024-08-06 13:47
    VLAI
    Summary
    SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-01-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T13:47:41.566Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
              },
              {
                "name": "71986",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/71986"
              },
              {
                "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2015-01-15T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
            },
            {
              "name": "71986",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/71986"
            },
            {
              "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-9560",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in redir_last_post_list.php in SoftBB 0.1.3 allows remote attackers to execute arbitrary SQL commands via the post parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/129888/SoftBB-0.1.3-SQL-Injection.html"
                },
                {
                  "name": "71986",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/71986"
                },
                {
                  "name": "20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Jan/20"
                },
                {
                  "name": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/",
                  "refsource": "MISC",
                  "url": "http://tetraph.com/security/cves/cve-2014-9560-softbb-net-softbb-sql-injection-security-vulnerability/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-9560",
        "datePublished": "2015-01-15T15:00:00.000Z",
        "dateReserved": "2015-01-07T00:00:00.000Z",
        "dateUpdated": "2024-08-06T13:47:41.566Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4631 (GCVE-0-2006-4631)

    Vulnerability from cvelistv5 – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/21761 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/28579 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "21761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21761"
              },
              {
                "name": "28579",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28579"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "softbb-admin-file-include(28749)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "21761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21761"
            },
            {
              "name": "28579",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28579"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "softbb-admin-file-include(28749)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4631",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "21761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21761"
                },
                {
                  "name": "28579",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28579"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "softbb-admin-file-include(28749)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28749"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4631",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.796Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4633 (GCVE-0-2006-4633)

    Vulnerability from cvelistv5 – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "softbb-index-path-disclosure(28748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "softbb-index-path-disclosure(28748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4633",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "softbb-index-path-disclosure(28748)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28748"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4633",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4632 (GCVE-0-2006-4632)

    Vulnerability from cvelistv5 – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.exploit-db.com/exploits/2300 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/28578 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/28577 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/21761 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3478 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1016785 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1521 third-party-advisoryx_refsource_SREASON
    http://acid-root.new.fr/advisories/10060904.txt x_refsource_MISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/445087/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.774Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "2300",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/2300"
              },
              {
                "name": "28578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28578"
              },
              {
                "name": "28577",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28577"
              },
              {
                "name": "21761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21761"
              },
              {
                "name": "ADV-2006-3478",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3478"
              },
              {
                "name": "1016785",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016785"
              },
              {
                "name": "1521",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1521"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://acid-root.new.fr/advisories/10060904.txt"
              },
              {
                "name": "softbb-addmembre-sql-injection(28747)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
              },
              {
                "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "2300",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/2300"
            },
            {
              "name": "28578",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28578"
            },
            {
              "name": "28577",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28577"
            },
            {
              "name": "21761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21761"
            },
            {
              "name": "ADV-2006-3478",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3478"
            },
            {
              "name": "1016785",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016785"
            },
            {
              "name": "1521",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1521"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://acid-root.new.fr/advisories/10060904.txt"
            },
            {
              "name": "softbb-addmembre-sql-injection(28747)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
            },
            {
              "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4632",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "2300",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/2300"
                },
                {
                  "name": "28578",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28578"
                },
                {
                  "name": "28577",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28577"
                },
                {
                  "name": "21761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21761"
                },
                {
                  "name": "ADV-2006-3478",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3478"
                },
                {
                  "name": "1016785",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016785"
                },
                {
                  "name": "1521",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1521"
                },
                {
                  "name": "http://acid-root.new.fr/advisories/10060904.txt",
                  "refsource": "MISC",
                  "url": "http://acid-root.new.fr/advisories/10060904.txt"
                },
                {
                  "name": "softbb-addmembre-sql-injection(28747)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28747"
                },
                {
                  "name": "20060904 SoftBB 0.1 Remote PHP Code Execution Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445087/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4632",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.774Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4593 (GCVE-0-2006-4593)

    Vulnerability from cvelistv5 – Published: 2006-09-06 22:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016797 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/19847 vdb-entryx_refsource_BID
    http://securityreason.com/securityalert/1511 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/29886 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/445157/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016797",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016797"
              },
              {
                "name": "19847",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19847"
              },
              {
                "name": "1511",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1511"
              },
              {
                "name": "29886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29886"
              },
              {
                "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016797",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016797"
            },
            {
              "name": "19847",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19847"
            },
            {
              "name": "1511",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1511"
            },
            {
              "name": "29886",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29886"
            },
            {
              "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4593",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016797",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016797"
                },
                {
                  "name": "19847",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19847"
                },
                {
                  "name": "1511",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1511"
                },
                {
                  "name": "29886",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29886"
                },
                {
                  "name": "20060904 SoftBB v0.1 \u003c = Cross-Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445157/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4593",
        "datePublished": "2006-09-06T22:00:00.000Z",
        "dateReserved": "2006-09-06T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1327 (GCVE-0-2006-1327)

    Vulnerability from cvelistv5 – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/23999 vdb-entryx_refsource_OSVDB
    https://www.exploit-db.com/exploits/1594 exploitx_refsource_EXPLOIT-DB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17160 vdb-entryx_refsource_BID
    http://secunia.com/advisories/19283 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/1002 vdb-entryx_refsource_VUPEN
    Date Public
    2006-03-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:29.062Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "23999",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23999"
              },
              {
                "name": "1594",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1594"
              },
              {
                "name": "softbb-reg-sql-injection(25320)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
              },
              {
                "name": "17160",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17160"
              },
              {
                "name": "19283",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19283"
              },
              {
                "name": "ADV-2006-1002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-18T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "23999",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23999"
            },
            {
              "name": "1594",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1594"
            },
            {
              "name": "softbb-reg-sql-injection(25320)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
            },
            {
              "name": "17160",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17160"
            },
            {
              "name": "19283",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19283"
            },
            {
              "name": "ADV-2006-1002",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1327",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "23999",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23999"
                },
                {
                  "name": "1594",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1594"
                },
                {
                  "name": "softbb-reg-sql-injection(25320)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25320"
                },
                {
                  "name": "17160",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17160"
                },
                {
                  "name": "19283",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19283"
                },
                {
                  "name": "ADV-2006-1002",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1327",
        "datePublished": "2006-03-21T01:00:00.000Z",
        "dateReserved": "2006-03-20T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:29.062Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }