Known Vulnerabilities for products from Deluxebb
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Deluxebb".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2011-3725 json | DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the i... | Not Provided | 2011-09-23 | 2026-04-29 |
| CVE-2010-4151 json | SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remo... | Not Provided | 2010-11-03 | 2026-04-29 |
| CVE-2010-1859 json | SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is disabled, allows remote atta... | Not Provided | 2010-05-07 | 2026-04-29 |
| CVE-2009-4468 json | Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 allows remote attackers to inject arbitrary web script o... | Not Provided | 2009-12-30 | 2026-04-23 |
| CVE-2009-4467 json | misc.php in DeluxeBB 1.3 allows remote attackers to register accounts without a valid email address via a valemail action wit... | Not Provided | 2009-12-30 | 2026-04-23 |
| CVE-2009-4466 json | DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a crafted page parameter to misc.php, which reveals ... | Not Provided | 2009-12-30 | 2026-04-23 |
| CVE-2009-4465 json | DeluxeBB 1.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers ... | Not Provided | 2009-12-30 | 2026-04-23 |
| CVE-2009-1033 json | SQL injection vulnerability in misc.php in DeluxeBB 1.3 and earlier allows remote attackers to execute arbitrary SQL commands... | Not Provided | 2009-03-20 | 2026-04-23 |
| CVE-2008-6146 json | SQL injection vulnerability in pm.php in DeluxeBB 1.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers... | Not Provided | 2009-02-16 | 2026-04-23 |
| CVE-2008-2195 json | Static code injection vulnerability in admincp.php in DeluxeBB 1.2 and earlier allows remote authenticated administrators to ... | Not Provided | 2008-05-14 | 2026-04-23 |
| CVE-2008-2194 json | SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL comman... | Not Provided | 2008-05-14 | 2026-04-23 |
| CVE-2008-0439 json | Cross-site scripting (XSS) vulnerability in templates/default/admincp/attachments_header.php in DeluxeBB 1.1 allows remote at... | Not Provided | 2008-01-23 | 2026-04-23 |
| CVE-2007-6237 json | cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a prof... | Not Provided | 2007-12-04 | 2026-04-23 |
| CVE-2006-5154 json | PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and earlier allows remote attackers to execute arbitra... | Not Provided | 2006-10-05 | 2026-04-23 |
| CVE-2006-4558 json | DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute ar... | 7.5 - HIGH | 2006-09-06 | 2024-01-26 |
| CVE-2006-4080 json | DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote attackers to g... | 2.6 - LOW | 2006-08-11 | 2018-10-17 |
| CVE-2006-4079 json | Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote attackers to in... | 6.8 - MEDIUM | 2006-08-11 | 2018-10-17 |
| CVE-2006-4078 json | pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by provid... | 7.5 - HIGH | 2006-08-11 | 2018-10-17 |
| CVE-2006-3799 json | DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and ce... | 7.5 - HIGH | 2006-07-24 | 2018-10-17 |
| CVE-2006-3798 json | DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables v... | 5 - MEDIUM | 2006-07-24 | 2018-10-17 |