Pd9 Software » Megabbs » 2.1 : Security Vulnerabilities, CVEs,

cpe:2.3:a:pd9_software:megabbs:2.1:*:*:*:*:*:*:*

CVE-2006-0139

The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter.
Max CVSS
5.0
EPSS Score
1.03%
Published
2006-01-09
Updated
2017-07-20

CVE-2004-2653

Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving (1) admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp.
Max CVSS
7.5
EPSS Score
0.19%
Published
2004-12-31
Updated
2008-09-05

CVE-2004-2146

CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp.
Max CVSS
5.0
EPSS Score
0.20%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2145

SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp.
Max CVSS
7.5
EPSS Score
0.20%
Published
2004-12-31
Updated
2017-07-11
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close