Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-43103
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
7.5
CVSSv2
CVE-2022-23390
An issue in the getType function of BBS Forum v5.3 and below allows malicious users to upload arbitrary files.
Diyhi Bbs Forum
5
CVSSv2
CVE-2021-36512
An issue exists in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow malicious users to view sensitive information due to an uninitialized value.
Synchro Bulletin Board System -
4.3
CVSSv2
CVE-2020-21496
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via the sitebrief parameter.
Xiuno Xiunobbs 4.0.4
5
CVSSv2
CVE-2020-21493
An issue in the component route\user.php of Xiuno BBS v4.0.4 allows malicious users to enumerate usernames.
Xiuno Xiunobbs 4.0.4
4.3
CVSSv2
CVE-2020-21494
A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via changing the doctype value to 0.
Xiuno Xiunobbs 4.0.4
4.3
CVSSv2
CVE-2020-21495
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via the sitename parameter.
Xiuno Xiunobbs 4.0.4
4.3
CVSSv2
CVE-2020-18663
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_update.php.
Gnuboard Gnuboard5
4.3
CVSSv2
CVE-2020-18661
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php.
Gnuboard Gnuboard5
5
CVSSv2
CVE-2021-34683
An issue exists in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (name and e-mail address) of everyone in the entire organization. This information can allow remot...
Eic E-document System 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »