Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnuboard5 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-15585
Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 prior to 5.3.1.6 allows remote malicious users to inject arbitrary web script or HTML via the popup title parameter.
Gnuboard5 Project Gnuboard5
6.1
CVSSv3
CVE-2021-3831
gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Gnuboard Gnuboard5
9.1
CVSSv3
CVE-2022-1252
Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an malicious user to derive t...
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2020-18661
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php.
Gnuboard Gnuboard5
9.8
CVSSv3
CVE-2020-18662
SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php.
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2020-18663
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_update.php.
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2018-18668
GNUBOARD5 prior to 5.3.2.0 has XSS that allows remote malicious users to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2018-18678
GNUBOARD5 prior to 5.3.2.0 has XSS that allows remote malicious users to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.
Gnuboard Gnuboard5
5.4
CVSSv3
CVE-2022-3963
A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an unknown function of the file bbs/faq.php of the component FAQ Key ID Handler. The manipulation of the argument fm_id leads to cross site scripting. It is possible to launch the attack re...
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2018-15580
Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 prior to 5.3.1.6 allows remote malicious users to inject arbitrary web script or HTML.
Gnuboard Gnuboard5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »