Vendor Dictionary: OpenBB

OpenBB

Short Name:	OpenBB
Previous Names:	[None Entered]
URL:	http://www.openbb.com/ [visit link]
Email:	[None Entered]
Security URL:	[None Entered]
Security Email:	[None Entered]
Knowledge Base:	[None Entered]
Notes:	[No Notes]

Vulnerabilities by Vendor Product

OpenBB

OpenBB

OpenBB: 1.0.0 RC3; OSVDB ID: 86922 OpenBB myhome.php box Parameter XSS

Open Bulletin Board: 1.0.0; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; OSVDB ID: 5658 OpenBB Multiple Tag XSS; OSVDB ID: 5662 OpenBB moderator.php Unauthorized Administrator Access; 1.0.2; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.3; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.4; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.5; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.6; OSVDB ID: 3220 OpenBB board.php FID Parameter XSS; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 5664 OpenBB myhome.php id Parameter SQL Injection; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.1; OSVDB ID: 5649 OpenBB member.php redirect Parameter XSS; OSVDB ID: 5650 OpenBB myhome.php to Parameter XSS; OSVDB ID: 5651 OpenBB post.php TID Parameter XSS; OSVDB ID: 5652 OpenBB index.php redirect Parameter XSS; OSVDB ID: 5653 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5654 OpenBB member.php Multiple Parameter SQL Injection; OSVDB ID: 5655 OpenBB search.php q Parameter SQL Injection; OSVDB ID: 5656 OpenBB post.php Multiple Parameter SQL Injection; OSVDB ID: 5657 OpenBB [IMG] Tag Arbitrary BB Command Execution; OSVDB ID: 5659 OpenBB board.php FID Parameter SQL Injection; OSVDB ID: 5660 OpenBB myhome.php Arbitrary Private Message Access; OSVDB ID: 5661 OpenBB member.php UID Parameter SQL Injection; OSVDB ID: 5663 OpenBB Avatar Arbitrary File Upload; OSVDB ID: 3342 OpenBB index.php CID Parameter SQL Injection; 1.0.0 RC1; OSVDB ID: 5658 OpenBB Multiple Tag XSS; OSVDB ID: 5662 OpenBB moderator.php Unauthorized Administrator Access; 1.0.0 RC2; OSVDB ID: 5658 OpenBB Multiple Tag XSS; OSVDB ID: 5662 OpenBB moderator.php Unauthorized Administrator Access; 1.0.0 RC3; OSVDB ID: 5658 OpenBB Multiple Tag XSS; OSVDB ID: 5662 OpenBB moderator.php Unauthorized Administrator Access

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.