Lucene search
K

186 matches found

NVD
NVD
added 2022/12/28 9:15 a.m.15 views

CVE-2021-4293

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic has been found in gnuboard youngcart5 up to 5.4.5.1. Affected is an unknown function of the file adm/menulistupdate.php. The manipulation of the argument melink leads to cross site scripting. It is possible to launch the attack...

6.1CVSS0.00505EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/12/28 8:53 a.m.16 views

CVE-2021-4293 gnuboard youngcart5 menu_list_update.php cross site scripting

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic has been found in gnuboard youngcart5 up to 5.4.5.1. Affected is an unknown function of the file adm/menulistupdate.php. The manipulation of the argument melink leads to cross site scripting. It is possible to launch the attack...

3.5CVSS6.2AI score0.00505EPSS
Exploits0References4
CVE
CVE
added 2022/12/28 8:53 a.m.45 views

CVE-2021-4293

The CVE-2021-4293 entry affects gnuboard youngcart5 up to version 5.4.5.1, where the argument me_link in the file adm/menu_list_update.php can be manipulated to trigger cross-site scripting. The issue could be exploited remotely. Remediation is to upgrade to version 5.4.5.2. The patch is identifi...

6.1CVSS4.8AI score0.00505EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/12/28 12:0 a.m.4 views

PT-2022-11744 · Unknown · Gnuboard Youngcart5

Name of the Vulnerable Software and Affected Versions: gnuboard youngcart5 versions up to 5.4.5.1 Description: A vulnerability has been found in gnuboard youngcart5, where the manipulation of the argument me link in the file adm/menu list update.php leads to cross site scripting. This issue can b...

6.1CVSS4.2AI score0.00505EPSS
Exploits0References8
CNNVD
CNNVD
added 2022/11/12 12:0 a.m.6 views

GNUBOARD5 跨站脚本漏洞

GNUBOARD5 is a web forum system based on PHP and MySQL. A security vulnerability exists in GNUBOARD5 that originates from an unknown function in the file bbs/faq.php of the FAQ Key ID Handler component, which can be exploited by an attacker to cause cross-site scripting XSS via manipulation of th...

5.4CVSS5.3AI score0.00385EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/12 12:0 a.m.10 views

PT-2022-24983 · Gnuboard5 · Gnuboard5

Name of the Vulnerable Software and Affected Versions: gnuboard5 versions prior to 5.5.8.2.1 Description: A problem was found in the FAQ Key ID Handler component, specifically in the file bbs/faq.php. The issue arises from the manipulation of the fm id argument, leading to cross-site scripting...

5.4CVSS6.4AI score0.00385EPSS
Exploits0References7
Huntr
Huntr
added 2022/08/11 6:46 a.m.16 views

cross site scripting - reflected

The reflected XSS vulnerability occurs to a flaw in the cleanxsstags function called in new.php of Gnuboard 5. 1. Open the https://sir.kr/bbs/new.php?darkmode=%22%3E%3Cscript%3Ealertdocument.domain%3C/script%3E 2. payload executing...

1.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/16 5:15 p.m.3 views

CVE-2022-30050

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting XSS via bbs/memberconfirm.php...

6.1CVSS5.9AI score0.00685EPSS
Exploits1References2
NVD
NVD
added 2022/05/16 5:15 p.m.24 views

CVE-2022-30050

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting XSS via bbs/memberconfirm.php...

6.1CVSS0.00685EPSS
Exploits1References1
Prion
Prion
added 2022/05/16 5:15 p.m.16 views

Cross site scripting

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting XSS via bbs/memberconfirm.php...

4.3CVSS6AI score0.00685EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/05/16 4:40 p.m.26 views

CVE-2022-30050

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting XSS via bbs/memberconfirm.php...

6.2AI score0.00685EPSS
Exploits1References1
CVE
CVE
added 2022/05/16 4:40 p.m.85 views

CVE-2022-30050

CVE-2022-30050 affects Gnuboard versions 5.55 and 5.56, with a Cross-Site Scripting (XSS) flaw in the file path bbs/member_confirm.php . The root cause is insufficient validation/output handling of user-supplied data, enabling script execution on the client side. Reported by multiple sources (CNV...

6.1CVSS6AI score0.00685EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/05/16 4:40 p.m.13 views

CVE-2022-30050

Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting XSS via bbs/memberconfirm.php...

6.1CVSS6AI score0.00685EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/05/16 12:0 a.m.9 views

GNUBOARD5 跨站脚本漏洞

GNUBOARD5 is a PHP and MySQL-based Web forum system. GNUBOARD5 versions 5.55 and 5.56 are vulnerable to a cross-site scripting vulnerability, which originates in bbs/memberconfirm.php and lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerabilit...

6.1CVSS6.3AI score0.00685EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/05/16 12:0 a.m.6 views

PT-2022-19987 · Gnuboard · Gnuboard

Name of the Vulnerable Software and Affected Versions: Gnuboard versions 5.55 through 5.56 Description: The issue is related to Cross Site Scripting XSS via the bbs/member confirm.php endpoint. This allows for potential malicious script injection. Recommendations: For versions 5.55 and 5.56,...

6.1CVSS5.8AI score0.00685EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2022/04/11 11:15 a.m.5 views

CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

9.1CVSS7.7AI score0.00538EPSS
Exploits1References3
NVD
NVD
added 2022/04/11 11:15 a.m.36 views

CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

9.1CVSS0.00538EPSS
Exploits1References2
Prion
Prion
added 2022/04/11 11:15 a.m.20 views

Design/Logic Flaw

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

6.4CVSS9.1AI score0.00538EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/04/11 10:15 a.m.26 views

CVE-2022-1252 Use of a Broken or Risky Cryptographic Algorithm in gnuboard/gnuboard5

Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any...

8.2CVSS8.4AI score0.00538EPSS
Exploits1References4
CVE
CVE
added 2022/04/11 10:15 a.m.123 views

CVE-2022-1252

CVE-2022-1252 concerns gnuboard/gnuboard5 (versions up to and including 5.5.5). The vulnerability stems from the use of a broken or risky cryptographic algorithm, allowing an attacker to derive a user’s email address and potentially send emails to arbitrary addresses with full content control. Ro...

9.1CVSS8.4AI score0.00538EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder