Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Logoshows Bbs Security Vulnerabilities

cve
cve

CVE-2009-4545

Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb.

6.5AI Score

0.003EPSS

2010-01-04 05:30 PM
22
cve
cve

CVE-2009-4546

globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies.

7.4AI Score

0.006EPSS

2010-01-04 05:30 PM
26
cve
cve

CVE-2009-4871

SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter.

8.7AI Score

0.001EPSS

2010-05-11 12:02 PM
34
cve
cve

CVE-2009-4872

Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.

8.9AI Score

0.001EPSS

2010-05-11 12:02 PM
31