Lucene search
K

8 matches found

CVE
CVE
added 2009/04/09 4:0 p.m.59 views

CVE-2009-1277

CVE-2009-1277 concerns Gravity Board X (GBX) 2.0 Beta. The vulnerability is a SQL injection in index.php via the member_id parameter in a viewprofile action, enabling remote attackers to execute arbitrary SQL commands. The entry notes that a separate board_id issue is covered by CVE-2008-2996. Co...

7.5CVSS8.3AI score0.00975EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2009/04/09 4:0 p.m.45 views

CVE-2009-1278

Gravity Board X (GBX) 2.0 BETA has a static code injection in forms/ajax/configure.php that allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index.php. Affected: GBX 2.0 BETA; vulnerable file: forms/ajax/configure.php. Root cause: configuration work...

7.5CVSS7.5AI score0.02312EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2008/07/03 5:47 p.m.43 views

CVE-2008-2997

CVE-2008-2997 : XSS vulnerability in Gravity Board X (GBX) 2.0 Beta. In GBX’s index.php, the subject parameter in the postnewsubmit (create new thread) action can be exploited to inject arbitrary script/HTML. This remote vector could affect users who submit a thread, with the impact described as ...

4.3CVSS5.7AI score0.01445EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/08/16 4:0 a.m.41 views

CVE-2005-2563

CVE-2005-2563 involves multiple XSS vulnerabilities in Gravity Board X (GBX) 1.1. The flaws allow remote attackers to inject arbitrary web script or HTML via (1) the board_id parameter to deletethread.php and (2) the template. The cited sources describe the affected software and the two attack ve...

4.3CVSS5.8AI score0.0125EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/08/16 4:0 a.m.68 views

CVE-2005-2562

CVE-2005-2562 is an SQL injection vulnerability in Gravity Board X (GBX) 1.1 that allows remote attackers to bypass authentication via the login field and execute arbitrary SQL commands. Multiple connected documents corroborate injections affecting GBX 1.1, enabling credential bypass and potentia...

7.5CVSS8.6AI score0.02631EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/08/16 4:0 a.m.50 views

CVE-2005-2564

CVE-2005-2564 affects Gravity Board X (GBX) 1.1. It is a direct static code injection vulnerability in editcss.php where the csscontent parameter is directly inserted into gbxfinal.css, allowing remote attackers to execute arbitrary PHP code, HTML, and script. The NVD entry documents a network-ex...

7.5CVSS7.8AI score0.05091EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2005/08/16 4:0 a.m.15 views

CVE-2005-2563

Multiple cross-site scripting XSS vulnerabilities in Gravity Board X GBX 1.1 allow remote attackers to inject arbitrary web script or HTML via 1 the boardid parameter to deletethread.php or 2 the template...

4.3CVSS5.8AI score0.0125EPSS
Exploits1References3
CVE
CVE
added 2005/08/16 4:0 a.m.49 views

CVE-2005-2565

CVE-2005-2565 concerns Gravity Board X (GBX) 1.1. The vulnerability is an information-disclosure in which error messages from several GBX pages (e.g., deletethread.php with a perm value, ban.php, addnews.php, banned.php, boardstats.php, adminform.php, /forms/admininfo.php, /forms/announcements.ph...

5CVSS6.2AI score0.01212EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder