Shodan
Vulnerabilities
Vulnerable Software
Xmb Forum:  Security Vulnerabilities
CVE-2004-1860
Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker.
CVSS Score
5.0
EPSS Score
0.023
Published
2004-12-31
CVE-2004-1863
Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php.
CVSS Score
4.3
EPSS Score
0.006
Published
2004-12-31
CVE-2004-1862
Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php.
CVSS Score
4.3
EPSS Score
0.016
Published
2004-03-26
CVE-2004-1864
SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.
CVSS Score
7.5
EPSS Score
0.012
Published
2004-03-26
CVE-2004-0322
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofile.php, (4) an onmouseover event in an align tag when bbcode is allowed, or (5) img tag where bbcode is allowed.
CVSS Score
4.3
EPSS Score
0.012
Published
2004-02-23
CVE-2003-0483
Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.
CVSS Score
6.8
EPSS Score
0.005
Published
2003-08-07
CVE-2003-0375
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2003-06-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved