Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities by bolinos
CVE-2008-1555 (GCVE-0-2008-1555)
Vulnerability from nvd – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28445 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1555",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1557 (GCVE-0-2008-1557)
Vulnerability from nvd – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1557",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1556 (GCVE-0-2008-1556)
Vulnerability from nvd – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28445 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1556",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4850 (GCVE-0-2006-4850)
Vulnerability from nvd – Published: 2006-09-19 01:00 – Updated: 2024-08-07 19:23
VLAI
Summary
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/20037 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/2372 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/1593 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/3642 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/446113/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/21965 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4850",
"datePublished": "2006-09-19T01:00:00.000Z",
"dateReserved": "2006-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4851 (GCVE-0-2006-4851)
Vulnerability from nvd – Published: 2006-09-19 01:00 – Updated: 2024-08-07 19:23
VLAI
Summary
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/84179 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3642 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "84179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "84179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "84179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4851",
"datePublished": "2006-09-19T01:00:00.000Z",
"dateReserved": "2006-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1555 (GCVE-0-2008-1555)
Vulnerability from cvelistv5 – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28445 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbincluder-file-include(41431)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41431"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1555",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1557 (GCVE-0-2008-1557)
Vulnerability from cvelistv5 – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "bolinos-gbphpinfo-information-disclosure(41434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41434"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1557",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1556 (GCVE-0-2008-1556)
Vulnerability from cvelistv5 – Published: 2008-03-31 17:00 – Updated: 2024-08-07 08:24
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/28445 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://www.exploit-db.com/exploits/5309 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/3788 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/490058/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29535 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1556",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and (d) gBPassword.php in system/actionspages/_b/contentFiles/, (4) formlogin parameter to system/actionspages/_b/contentFiles/gBLoginPage.php, and the (5) bolini_searchengine46Search parameter to (e) help/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28445"
},
{
"name": "bolinos-multiple-xss(41432)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41432"
},
{
"name": "5309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5309"
},
{
"name": "3788",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3788"
},
{
"name": "20080325 [DSECRG-08-022] Multiple Security Vulnerabilities in Bolinos 4.6.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490058/100/0/threaded"
},
{
"name": "29535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1556",
"datePublished": "2008-03-31T17:00:00.000Z",
"dateReserved": "2008-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-07T08:24:42.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4850 (GCVE-0-2006-4850)
Vulnerability from cvelistv5 – Published: 2006-09-19 01:00 – Updated: 2024-08-07 19:23
VLAI
Summary
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/20037 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/2372 | exploitx_refsource_EXPLOIT-DB |
| http://securityreason.com/securityalert/1593 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/3642 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/446113/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/21965 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20037"
},
{
"name": "2372",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2372"
},
{
"name": "1593",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1593"
},
{
"name": "ADV-2006-3642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "20060915 BolinOS v.4.5.5 \u003c= (gBRootPath) Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446113/100/0/threaded"
},
{
"name": "21965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21965"
},
{
"name": "bolinos-index-file-include(28991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4850",
"datePublished": "2006-09-19T01:00:00.000Z",
"dateReserved": "2006-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4851 (GCVE-0-2006-4851)
Vulnerability from cvelistv5 – Published: 2006-09-19 01:00 – Updated: 2024-08-07 19:23
VLAI
Summary
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/84179 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2006/3642 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-09-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "84179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "84179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "84179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84179"
},
{
"name": "ADV-2006-3642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3642"
},
{
"name": "bolinos-index-file-include(28991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4851",
"datePublished": "2006-09-19T01:00:00.000Z",
"dateReserved": "2006-09-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:23:41.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}