Filtered by vendor Sir
Subscriptions
Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18671 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter. | ||||
| CVE-2018-18670 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter. | ||||
| CVE-2018-18669 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter. | ||||
| CVE-2018-18668 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter. | ||||
| CVE-2018-15585 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | ||||
| CVE-2018-15584 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15583 | 1 Sir | 1 Gnuboard | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | ||||
| CVE-2018-15582 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15581 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15580 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2017-18572 | 1 Sir | 1 Gnucommerce | 2024-11-21 | N/A |
| The gnucommerce plugin before 1.4.2 for WordPress has XSS. | ||||
| CVE-2016-10920 | 1 Sir | 1 Gnucommerce | 2024-11-21 | N/A |
| The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS. | ||||
| CVE-2024-41475 | 2 Gnuboard, Sir | 2 Gnuboard6, Gnuboard | 2024-09-18 | 9.8 Critical |
| Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. | ||||