Shodan
Vulnerabilities
Vulnerable Software
Sir:  >> Gnuboard  Security Vulnerabilities
CVE-2018-18672
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18675
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18676
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18673
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18671
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-18669
GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2019-07-23
CVE-2018-15580
Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-26
CVE-2018-15581
Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-26
CVE-2018-15582
Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-26
CVE-2018-15584
Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-04-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved