PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| postboard | postboard | 2.0.1 |
| postboard | postboard | 2.0 |
Cross-site scripting vulnerabilities in PostBoard 2.0.1 and earlier allows remote attackers to execute script as other users via (1) an [IMG] tag when BBCode is enabled, or (2) in a topic title.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| postnuke_software_foundation | postnuke | 0.64 |
| postboard | postboard | 2.0.1 |
| postnuke_software_foundation | postnuke | 0.703 |
| postboard | postboard | 2.0 |
| postnuke_software_foundation | postnuke | 0.70 |
| postnuke_software_foundation | postnuke | 0.71 |