Shodan
Vulnerabilities
Vulnerable Software
Xmb Forum:  >> Xmb  >> 1.8  Security Vulnerabilities
CVE-2004-0323
Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta.
CVSS Score
7.5
EPSS Score
0.008
Published
2004-12-31
CVE-2004-0322
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofile.php, (4) an onmouseover event in an align tag when bbcode is allowed, or (5) img tag where bbcode is allowed.
CVSS Score
4.3
EPSS Score
0.012
Published
2004-02-23
CVE-2003-0483
Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.
CVSS Score
6.8
EPSS Score
0.005
Published
2003-08-07
CVE-2003-0375
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.
CVSS Score
4.3
EPSS Score
0.006
Published
2003-06-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved