Shodan
Vulnerabilities
Vulnerable Software
Sir:  >> Gnuboard  Security Vulnerabilities
CVE-2020-18661
Cross Site Scripting (XSS) vulnerability in gnuboard5 <=v5.3.2.8 via the url parameter to bbs/login.php.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-06-24
CVE-2018-18674
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board tail contents" parameter, aka the adm/board_form_update.php bo_content_tail parameter.
CVSS Score
6.1
EPSS Score
0.007
Published
2019-11-07
CVE-2018-18678
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.
CVSS Score
6.1
EPSS Score
0.007
Published
2019-10-30
CVE-2018-18668
GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-08-26
CVE-2018-18670
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18672
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18675
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18676
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18673
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18671
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved