Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Gnuboard Security Vulnerabilities

cve
cve

CVE-2022-44216

Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password of all users without knowing victim's original...

7.5CVSS

7.6AI Score

0.001EPSS

2023-02-20 08:15 PM
36
cve
cve

CVE-2022-30050

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via...

6.1CVSS

6AI Score

0.001EPSS

2022-05-16 05:15 PM
49
6
cve
cve

CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any.....

9.1CVSS

9.1AI Score

0.002EPSS

2022-04-11 11:15 AM
62
2
cve
cve

CVE-2021-3831

gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site...

6.1CVSS

6.2AI Score

0.001EPSS

2021-12-14 11:15 AM
19
cve
cve

CVE-2014-2339

Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content...

8.4AI Score

0.001EPSS

2014-03-19 02:17 PM
31
cve
cve

CVE-2012-4873

Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename...

6.3AI Score

0.004EPSS

2012-09-06 09:55 PM
21
cve
cve

CVE-2011-4066

SQL injection vulnerability in bbs/tb.php in Gnuboard 4.33.02 and earlier allows remote attackers to execute arbitrary SQL commands via the...

8.6AI Score

0.001EPSS

2011-11-04 09:55 PM
22
cve
cve

CVE-2009-0290

Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share...

8.7AI Score

0.022EPSS

2009-01-27 07:30 PM
21
cve
cve

CVE-2005-0269

The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase...

9.8CVSS

7.7AI Score

0.004EPSS

2005-05-02 04:00 AM
25
cve
cve

CVE-2004-1403

PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the...

7.8AI Score

0.012EPSS

2004-12-31 05:00 AM
25