Ideal Science » Idealbb » 1.5_beta4 : Security Vulnerabilities, CVEs, CVSS score >= 1
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
Max CVSS
7.5
EPSS Score
6.34%
Published
2006-05-12
Updated
2018-10-18
SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Max CVSS
7.5
EPSS Score
0.32%
Published
2004-12-31
Updated
2008-09-05
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.
Max CVSS
5.0
EPSS Score
0.18%
Published
2004-12-31
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.15%
Published
2004-12-31
Updated
2008-09-05
4 vulnerabilities found