Vulnerabilities > Logoshows

DATE	CVE	VULNERABILITY TITLE	RISK
2010-05-11	CVE-2009-4872	SQL Injection vulnerability in Logoshows BBS 2.0 Multiple SQL injection vulnerabilities in globepersonnel_login.asp in Logoshows BBS 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. network low complexity logoshows CWE-89	7.5
2010-05-11	CVE-2009-4871	SQL Injection vulnerability in Logoshows BBS 2.0 SQL injection vulnerability in globepersonnel_forum.asp in Logoshows BBS 2.0 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. network low complexity logoshows CWE-89	7.5
2010-01-04	CVE-2009-4546	Improper Input Validation vulnerability in Logoshows BBS 2.0 globepersonnel_login.asp in Logoshows BBS 2.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) pb_username (aka pb%5Fusername) and (2) level cookies. network low complexity logoshows CWE-20	7.5
2010-01-04	CVE-2009-4545	Permissions, Privileges, and Access Controls vulnerability in Logoshows BBS 2.0 Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb. network low complexity logoshows CWE-264	5.0

Vulnerabilities > Logoshows {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Logoshows"}]}