CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

VulnCheck KEV•added 2025/12/05 12:0 a.m.•6 views

VulnCheck KEV: CVE-2024-37656

An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php...

6.1CVSS5.8AI score0.00146EPSS

In wildExploits1References2

CNNVD•added 2025/07/07 12:0 a.m.•0 views

gnuboard5 安全漏洞

gnuboard5 is an application by kagla personal developer. A security vulnerability exists in gnuboard5 version 5.5.16, which stems from insufficient validation of URL parameters in the bbs/login.php component, which could lead to an open redirection attack...

6.1CVSS6.5AI score0.00206EPSS

RedhatCVE•added 2025/05/22 11:24 p.m.•4 views

CVE-2022-3963

A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an unknown function of the file bbs/faq.php of the component FAQ Key ID Handler. The manipulation of the argument fmid leads to cross site scripting. It is possible to launch the attack remotely. Upgrading ...

5.4CVSS4.8AI score0.00224EPSS

CNNVD•added 2022/11/12 12:0 a.m.•1 views

GNUBOARD5 跨站脚本漏洞

GNUBOARD5 is a web forum system based on PHP and MySQL. A security vulnerability exists in GNUBOARD5 that originates from an unknown function in the file bbs/faq.php of the FAQ Key ID Handler component, which can be exploited by an attacker to cause cross-site scripting XSS via manipulation of th...

5.4CVSS5.3AI score0.00224EPSS

Exploits0References3

Positive Technologies•added 2022/11/12 12:0 a.m.•4 views

PT-2022-24983 · Gnuboard5 · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.5.8.2.1 Description: A problem was found in the FAQ Key ID Handler component, specifically in the file bbs/faq.php. The issue arises from the manipulation of the fm id argument, leading to cross-site scripting...

5.4CVSS6.4AI score0.00224EPSS

Exploits0References7

CNNVD•added 2022/05/16 12:0 a.m.•2 views

GNUBOARD5 跨站脚本漏洞

GNUBOARD5 is a PHP and MySQL-based Web forum system. GNUBOARD5 versions 5.55 and 5.56 are vulnerable to a cross-site scripting vulnerability, which originates in bbs/memberconfirm.php and lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerabilit...

6.1CVSS6.3AI score0.0024EPSS

Exploits1References2

CNNVD•added 2021/12/14 12:0 a.m.•3 views

GNUBOARD5 跨站脚本漏洞

GNUBOARD5 is a PHP and MySQL based web forum system. A cross-site scripting vulnerability exists in gnuboard5 that stems from the susceptibility to incorrect input during web page generation...

7.1CVSS6.4AI score0.26611EPSS

Positive Technologies•added 2021/06/24 12:0 a.m.•3 views

PT-2021-10201 · Gnuboard5 · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.3.2.8 Description: The issue is related to a SQL Injection vulnerability. It can be exploited via the table prefix parameter in the install db.php file. Recommendations: For versions prior to 5.3.2.8, update to a...

9.8CVSS8.2AI score0.00388EPSS

Exploits4References6

CNNVD•added 2021/06/24 12:0 a.m.•2 views

gnuboard5 跨站脚本漏洞

GNUBOARD5 is a Web forum system based on PHP and MySQL. A cross-site scripting vulnerability exists in GNUBOARD5 5.3.2.8 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the url parameter in bbs/login.php...

6.1CVSS5.2AI score0.00307EPSS

Positive Technologies•added 2021/06/24 12:0 a.m.•3 views

PT-2021-10200 · Gnuboard5 · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.3.2.8 Description: The issue is related to a Cross Site Scripting XSS vulnerability. It can be exploited via the url parameter to "bbs/login.php" endpoint. Recommendations: For versions prior to 5.3.2.8, update t...

6.1CVSS6.1AI score0.00307EPSS

Exploits1References6

CNNVD•added 2021/06/24 12:0 a.m.•2 views

gnuboard5 跨站脚本漏洞

6.1CVSS5.2AI score0.00275EPSS

Positive Technologies•added 2019/11/07 12:0 a.m.•2 views

PT-2019-9620 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the bo content tail parameter, also referred to as the "board tail contents" parameter, in the "adm/board form update.php" API...

6.1CVSS6.8AI score0.00664EPSS

Exploits0References7

Positive Technologies•added 2019/10/30 12:0 a.m.•2 views

PT-2019-9623 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 versions prior to 5.3.2.0 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the gr 110 parameter in the adm/boardgroup form update.php endpoint, specifically through the "board group extra...

6.1CVSS6.9AI score0.00664EPSS

Exploits0References7

CNVD•added 2019/07/25 12:0 a.m.•0 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2019-24211)

GNUBOARD5 is a Web forum system based on PHP and MySQL. A cross-site scripting vulnerability exists in GNUBOARD5 version 5.3.1.9. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side...

CNVD•added 2019/07/25 12:0 a.m.•1 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2019-24243)

CNVD•added 2019/07/25 12:0 a.m.•2 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2019-24212)

CNVD•added 2019/07/25 12:0 a.m.•2 views

GNUBOARD5 Cross-Site Scripting Vulnerability (CNVD-2019-24213)

Positive Technologies•added 2019/07/23 12:0 a.m.•2 views

PT-2019-9619 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 version 5.3.1.9 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the me link parameter, also known as the "Menu Link" parameter, in the adm/menu list update.php endpoint. This can be exploite...