Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
btiteam xbtit 2.5.4 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-16361
An issue exists in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter.
Btiteam Xbtit 2.5.4
9.8
CVSSv3
CVE-2018-15681
An issue exists in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully s...
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15677
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15678
An issue exists in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15679
An issue exists in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting.
Btiteam Xbtit 2.5.4
9.8
CVSSv3
CVE-2018-15680
An issue exists in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent malicious users to obtain cleartext values via a brute-force attack.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-17870
An issue exists in BTITeam XBTIT 2.5.4. The "returnto" parameter of account_change.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683.
Btiteam Xbtit 2.54
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started