CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Pd9 Software: >> Megabbs >> 2.2 Security Vulnerabilities

CVE-2008-2022

Mulatiple cross-site scripting (XSS) vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) toid parameter to send-private-message.asp and the (2) redirect parameter to admin/impersonate.asp. NOTE: vector 2 requires authentication.

CVSS Score

4.3

EPSS Score

0.02

Published

2008-04-30

CVE-2008-2023

Multiple SQL injection vulnerabilities in PD9 Software MegaBBS 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) invisible and (2) timeoffset parameters to profile/controlpanel.asp and the (3) attachmentid parameter to forums/attach-file.asp.

CVSS Score

7.5

EPSS Score

0.004

Published

2008-04-30

Page 1

Vulnerabilities

Vulnerable Software

Pd9 Software: >> Megabbs >> 2.2 Security Vulnerabilities

Products

Pricing

Contact Us