Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Xmb ForumXmb

10 matches found

CVE
CVEadded 2005/05/02 4:0 a.m.63 views

CVE-2005-0885

Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields.

4.3CVSS5.8AI score0.00335EPSS
CVE
CVEadded 2005/05/10 4:0 a.m.43 views

CVE-2004-1862

Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, ...

4.3CVSS6AI score0.01558EPSS
CVE
CVEadded 2005/11/19 1:3 a.m.40 views

CVE-2005-3689

post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.

5CVSS7AI score0.01001EPSS
CVE
CVEadded 2005/11/16 7:42 a.m.39 views

CVE-2005-3544

Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter.

4.3CVSS6AI score0.01066EPSS
CVE
CVEadded 2005/08/16 4:0 a.m.37 views

CVE-2005-2574

xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables, which allows remote attackers to modify arbitrary server variables such as _SERVER[REMOTE_ADDR].

5CVSS6.8AI score0.0038EPSS
CVE
CVEadded 2005/05/10 4:0 a.m.35 views

CVE-2004-1863

Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.ph...

4.3CVSS6AI score0.00624EPSS
CVE
CVEadded 2005/08/16 4:0 a.m.35 views

CVE-2005-2575

SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows remote attackers to execute arbitrary SQL commands via certain values that are inserted into the $in variable.

7.5CVSS8.4AI score0.00487EPSS
CVE
CVEadded 2005/05/10 4:0 a.m.32 views

CVE-2004-1864

SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.

7.5CVSS8.8AI score0.01237EPSS
CVE
CVEadded 2005/11/19 1:3 a.m.31 views

CVE-2005-3688

Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page.

4.3CVSS6AI score0.00944EPSS
CVE
CVEadded 2005/05/10 4:0 a.m.30 views

CVE-2004-1860

Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker.

5CVSS8AI score0.02283EPSS