Vulnerabilities > Aspbb > Aspbb > 0.4

DATE CVE VULNERABILITY TITLE RISK
2006-05-30 CVE-2006-2648 Cross-Site Scripting vulnerability in ASPBB Perform_search.ASP
Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter.
network
high complexity
aspbb
2.6
2.6
2005-12-15 CVE-2005-4259 SQL Injection vulnerability in Aspbb 0.4
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp.
network
low complexity
aspbb
7.5
7.5