cbcvebase.

Bolinos vulnerabilities

4 known vulnerabilities affecting bolinos/bolinos.

Total CVEs
4
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2008-1555P3MEDIUMCVSS 6.8PoCv4.6.12008-03-31
CVE-2008-1555 [MEDIUM] CWE-22 CVE-2008-1555: Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows r Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter.
nvd
CVE-2008-1556P4MEDIUMCVSS 4.3PoCv4.6.12008-03-31
CVE-2008-1556 [MEDIUM] CWE-79 CVE-2008-1556: Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to injec Multiple cross-site scripting (XSS) vulnerabilities in BolinOS 4.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) system/actionspages/_b/contentFiles/gBImageViewer.php, (2) ForEditor parameter to (b) system/actionspages/_b/contentFiles/gBselectorContents.php, (3) the PATH_INFO to (c) gBLoginPage.php and
nvd
CVE-2008-1557P4MEDIUMCVSS 5.0PoCv4.6.12008-03-31
CVE-2008-1557 [MEDIUM] CWE-200 CVE-2008-1557: BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
nvd
CVE-2006-4851P4HIGHCVSS 7.5≤ 4.5.5v4.3.0+1 more2006-09-19
CVE-2006-4851 [HIGH] CVE-2006-4851: PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
nvd
Bolinos vulnerabilities | cvebase