Gnuboard@* Security Vulnerabilities and Issues — Gnuboard@* CVE List

Lucene search

SirGnuboard*

12 matches found

CVE•added 2019/08/26 9:15 p.m.•171 views

CVE-2018-18668

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.

6.1CVSS5.9AI score0.0027EPSS

Web

CVE•added 2024/05/14 3:1 p.m.•79 views

CVE-2024-24157

Gnuboard g6 / https://github.com/gnuboard/g6 commit c2cc1f5069e00491ea48618d957332d90f6d40e4 is vulnerable to Cross Site Scripting (XSS) via board.py.

6.1CVSS6AI score0.00934EPSS

CVE•added 2022/11/12 10:15 p.m.•52 views

CVE-2022-3963

A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an unknown function of the file bbs/faq.php of the component FAQ Key ID Handler. The manipulation of the argument fm_id leads to cross site scripting. It is possible to launch the attack remotely. Upgrading t...

5.4CVSS4.5AI score0.00079EPSS

Web

CVE•added 2024/03/16 6:15 a.m.•44 views

CVE-2024-24156

Cross Site Scripting (XSS) vulnerability in Gnuboard g6 before Github commit 58c737a263ac0c523592fd87ff71b9e3c07d7cf5, allows remote attackers execute arbitrary code via the wr_content parameter.

6.1CVSS6.5AI score0.00329EPSS

CVE•added 2024/08/26 3:15 p.m.•43 views

CVE-2024-39097

There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the url parameter in login path.

6.1CVSS7AI score0.00099EPSS

CVE•added 2019/04/26 8:29 p.m.•42 views

CVE-2018-15584

Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS5.9AI score0.00238EPSS

CVE•added 2019/04/26 8:29 p.m.•38 views

CVE-2018-15581

Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS5.9AI score0.00223EPSS

CVE•added 2019/03/27 8:29 p.m.•35 views

CVE-2018-15585

Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.

6.1CVSS5.9AI score0.0037EPSS

CVE•added 2019/04/26 8:29 p.m.•32 views

CVE-2018-15582

Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS5.9AI score0.00238EPSS

CVE•added 2019/10/30 6:15 p.m.•31 views

CVE-2018-18678

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.

6.1CVSS5.9AI score0.00664EPSS

Web

CVE•added 2019/04/26 8:29 p.m.•30 views

CVE-2018-15580

Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.

6.1CVSS5.9AI score0.00223EPSS

Web

CVE•added 2019/03/25 9:29 p.m.•30 views

CVE-2018-15583

Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.

6.1CVSS5.9AI score0.00304EPSS