185 matches found
Gnuboard 5 - Cross-Site Scripting
Gnuboard 5 contains a cross-site scripting vulnerability via the $GET'LGDOID' parameter. id: CVE-2021-3831 info: name: Gnuboard 5 - Cross-Site Scripting author: arafatansari severity: medium description: | Gnuboard 5 contains a cross-site scripting vulnerability via the $GET'LGDOID' parameter...
GnuBoard5 5.5.16 - Open Redirect
Gnuboard5 5.5.16 contains an open redirect vulnerability caused by insufficient URL parameter verification in bbs/logout.php, letting remote attackers redirect users to arbitrary URLs, exploit requires crafted URL parameter. id: CVE-2024-37656 info: name: GnuBoard5 5.5.16 - Open Redirect author:...
CVE-2024-41475
Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration...
CVE-2024-39097
There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the url parameter in login path...
ð Gnuboard 5.6.23 SQL Injection / Code Execution
Gnuboard version 5.6.23 installation exploit that can identify SQL injection and potentially achieve remote code execution. ============================================================================================================================================= | Title : Gnuboard v5.6.23...
VulnCheck KEV: CVE-2024-37656
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php...
CVE-2025-61464
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-60859
Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...
EUVD-2025-35714
Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...
CVE-2025-60859
Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...
EUVD-2025-35705
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-61464
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-61464
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-60859
Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...
CVE-2025-61464
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-61464
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the searchtable in bbs/search.php...
CVE-2025-60859
Cross Site Scripting XSS vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted cid parameter in bbs/viewcomment.php...
Gnuboard åŪå Ļæžæī
Gnuboard is an open source set of extensible forum programs from Gnuboard. A security vulnerability exists in Gnuboard version 5.6.15, which stems from an incorrect manipulation of the parameter cid in bbs/viewcomment.php, which could lead to a cross-site scripting attack...
CVE-2025-61464
CVE-2025-61464 affects gnuboard4 v4.36.04 and earlier. The root cause is a Second-order SQL Injection via the search_table in bbs/search.php. Documented impacts include possible unauthorized database access or modification. Remediation recommended in multiple sources is to upgrade to gnuboard ver...
PT-2025-43536
Name of the Vulnerable Software and Affected Versions gnuboard versions prior to 4.36.05 Description gnuboard4 is susceptible to a Second-order SQL Injection issue through the search table parameter within the bbs/search.php file. This allows for potential unauthorized database access or...