Vulnerabilities > Ideal Science > Idealbb > 1.4.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-05-12 | CVE-2006-2318 | Input Validation vulnerability in IdealBB Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. | 7.5 |
2004-12-31 | CVE-2004-2209 | Remote Input Validation vulnerability in Ideal Science IdealBB SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2004-12-31 | CVE-2004-2208 | Remote Input Validation vulnerability in Ideal Science IdealBB CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors. | 5.0 |
2004-12-31 | CVE-2004-2207 | Remote Input Validation vulnerability in Ideal Science IdealBB Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network ideal-science | 4.3 |