Ideal Science Idealbb version 1.5_beta4 : Security vulnerabilities, CVEs

cpe:2.3:a:ideal_science:idealbb:1.5_beta4:*:*:*:*:*:*:*

CVE-2006-2318

Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.

Max CVSS

7.5

EPSS Score

6.34%

Published

2006-05-12

Updated

2018-10-18

CVE-2004-2209

SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Max CVSS

7.5

EPSS Score

0.32%

Published

2004-12-31

Updated

2008-09-05

CVE-2004-2208

CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.

Max CVSS

5.0

EPSS Score

0.18%

Published

2004-12-31

Updated

2008-09-05

CVE-2004-2207

Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Max CVSS

4.3

EPSS Score

0.15%

Published

2004-12-31

Updated

2008-09-05

4 vulnerabilities found

Ideal Science » Idealbb » 1.5_beta4 : Security Vulnerabilities, CVEs, CVSS score >= 4

CVE-2006-2318

CVE-2004-2209

CVE-2004-2208

CVE-2004-2207