Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
btiteam xbtit 2.5.4 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-16361
An issue exists in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15678
An issue exists in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting.
Btiteam Xbtit 2.5.4
9.8
CVSSv3
CVE-2018-15680
An issue exists in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent malicious users to obtain cleartext values via a brute-force attack.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15677
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-15679
An issue exists in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting.
Btiteam Xbtit 2.5.4
9.8
CVSSv3
CVE-2018-15681
An issue exists in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully s...
Btiteam Xbtit 2.5.4
6.1
CVSSv3
CVE-2018-17870
An issue exists in BTITeam XBTIT 2.5.4. The "returnto" parameter of account_change.php is vulnerable to an open redirect, a different vulnerability than CVE-2018-15683.
Btiteam Xbtit 2.54
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started