Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bbs vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-43103
A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.
Diyhi Bbs 5.3
9.8
CVSSv3
CVE-2022-23390
An issue in the getType function of BBS Forum v5.3 and below allows malicious users to upload arbitrary files.
Diyhi Bbs Forum
7.5
CVSSv3
CVE-2021-36512
An issue exists in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow malicious users to view sensitive information due to an uninitialized value.
Synchro Bulletin Board System -
6.1
CVSSv3
CVE-2020-21496
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via the sitebrief parameter.
Xiuno Xiunobbs 4.0.4
5.3
CVSSv3
CVE-2020-21493
An issue in the component route\user.php of Xiuno BBS v4.0.4 allows malicious users to enumerate usernames.
Xiuno Xiunobbs 4.0.4
6.1
CVSSv3
CVE-2020-21494
A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via changing the doctype value to 0.
Xiuno Xiunobbs 4.0.4
6.1
CVSSv3
CVE-2020-21495
A cross-site scripting (XSS) vulnerability in the component /admin/?setting-base.htm of Xiuno BBS 4.0.4 allows malicious users to execute arbitrary web scripts or HTML via the sitename parameter.
Xiuno Xiunobbs 4.0.4
6.1
CVSSv3
CVE-2020-18663
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the act parameter in bbs/move_update.php.
Gnuboard Gnuboard5
6.1
CVSSv3
CVE-2020-18661
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php.
Gnuboard Gnuboard5
5.3
CVSSv3
CVE-2021-34683
An issue exists in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (name and e-mail address) of everyone in the entire organization. This information can allow remot...
Eic E-document System 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »