Roozbeh Afrasiabi

#8981of 53,633
30.4Total CVSS
Vulnerabilities · 5
Medium
4
High
1
PT-2006-4799
4.3
2006-08-01
Mybulletinboard · Mybb · CVE-2006-3953
**Name of the Vulnerable Software and Affected Versions** MyBB (aka MyBulletinBoard) version 1.x **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `gallery` parameter in the usercp.php file. **Recommendations** For MyBB (aka MyBulletinBoard) version 1.x, update to a version that fixes this issue, ensuring the `gallery` parameter in usercp.php is properly sanitized to prevent arbitrary web script or HTML injection.
PT-2006-4800
5.0
2006-08-01
Mybb · Mybb · CVE-2006-3954
**Name of the Vulnerable Software and Affected Versions** MyBB versions 1.x **Description** The issue allows remote attackers to read arbitrary files via a .. (dot dot) in the `gallery` parameter in a (1) avatar or (2) do avatar action. **Recommendations** For MyBB version 1.x, update to a version that fixes this issue to prevent directory traversal attacks.
PT-2006-2232
4.3
2006-03-14
Runcms · Runcms · CVE-2006-1216
**Name of the Vulnerable Software and Affected Versions** Runcms versions 1.x **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `id` parameter in the bigshow.php file. **Recommendations** For Runcms version 1.x, consider restricting access to the bigshow.php file until a patch is available, and avoid using the `id` parameter in this context to minimize the risk of exploitation.
PT-2006-2148
6.8
2006-03-09
Cutenews · Cutenews · CVE-2006-1121
**Name of the Vulnerable Software and Affected Versions** CuteNews version 1.4.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the query string to "index.php". This could potentially lead to unauthorized actions on the affected system. **Recommendations** For CuteNews version 1.4.1, update to a newer version that contains a fix for this issue.
PT-2004-1379
10
2004-10-16
Samba · Samba · CVE-2004-0214
**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer and Explorer versions on Windows XP SP1, Windows 2000, Windows 98, and Windows Me **Description** A buffer overflow issue may allow remote malicious servers to cause a denial of service, potentially leading to application crashes, and possibly execute arbitrary code via long share names. This issue can be demonstrated using Samba. **Recommendations** For Microsoft Internet Explorer and Explorer on Windows XP SP1, Windows 2000, Windows 98, and Windows Me, at the moment, there is no information about a newer version that contains a fix for this issue.