Lucene search
K

105 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.6 views

CVE-2026-27395

Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...

9.8CVSS0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 8:57 p.m.18 views

CVE-2026-27395 WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...

9.8CVSS0.00345EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.19 views

CVE-2026-27395

Vulnerability: WordPress Support Board plugin fallbacks to Privilege Escalation in versions

9.8CVSS5.2AI score0.00345EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-50087

Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...

9.8CVSS5.2AI score0.00345EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/01 1:38 p.m.6 views

WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Board versions 3.8.9...

9.8CVSS5.8AI score0.00345EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.5 views

CVE-2026-4816

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

5.4CVSS5.8AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.2 views

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 3:31 p.m.2 views

EUVD-2026-15415

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/25 3:31 p.m.5 views

EUVD-2026-15417

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

4.8CVSS5.8AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 2:16 p.m.5 views

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.8CVSS0.00244EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 2:16 p.m.4 views

CVE-2026-4816

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

5.4CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 1:31 p.m.21 views

CVE-2026-4815 SQL Injection vulnerability in Support Board

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:31 p.m.2 views

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References2
CVE
CVE
added 2026/03/25 1:31 p.m.8 views

CVE-2026-4815

Support Board 3.7.7 is affected by a SQL injection vulnerability. The issue allows an attacker to retrieve, create, update, and delete data through the parameter calls[0][message_ids][] in the /supportboard/include/ajax.php endpoint. The connected CVE records confirm the affected product/version ...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/25 1:31 p.m.2 views

CVE-2026-4815 SQL Injection vulnerability in Support Board

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

8.7CVSS5.8AI score0.00244EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 1:31 p.m.20 views

CVE-2026-4816 Reflected Cross Site Scripting (XSS) vulnerability in Support Board

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

4.8CVSS0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 1:31 p.m.0 views

CVE-2026-4816 Reflected Cross Site Scripting (XSS) vulnerability in Support Board

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

4.8CVSS5.8AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 1:31 p.m.8 views

CVE-2026-4816

CVE-2026-4816: A Reflected Cross Site Scripting (XSS) vulnerability exists in Support Board v3.7.7. An attacker can craft a malicious URL that injects JavaScript via the search parameter in /supportboard/include/articles.php, causing code execution in the victim’s browser and potentially exfiltra...

5.4CVSS5.8AI score0.0014EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 1:31 p.m.3 views

CVE-2026-4816

A Reflected Cross Site Scripting XSS vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the 'search' parameter in '/supportboard/include/articles.php'. This...

4.8CVSS5.8AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.4 views

PT-2026-27777

Name of the Vulnerable Software and Affected Versions Support Board version 3.7.7 Description A Reflected Cross Site Scripting XSS issue exists in Support Board. This allows an attacker to execute JavaScript code in a user's browser. The attack vector involves sending a malicious URL to a victim,...

5.4CVSS6.2AI score0.0014EPSS
Exploits0References4
Rows per page
Query Builder