Search Results | AttackerKB

Show filters

Topics 31 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

31 Total Results

Displaying 11-20 of 31

Attacker Value

Unknown

CVE-2018-18678

Disclosure Date: October 30, 2019 (last updated September 19, 2024)

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board group extra contents" parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2018-18668

Disclosure Date: August 26, 2019 (last updated September 19, 2024)

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "homepage title" parameter, aka the adm/config_form_update.php cf_title parameter.

0

Attacker Value

Unknown

CVE-2018-18675

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.

0

Attacker Value

Unknown

CVE-2018-18676

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.

0

Attacker Value

Unknown

CVE-2018-18672

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.

0

Attacker Value

Unknown

CVE-2018-18670

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.

0

Attacker Value

Unknown

CVE-2018-18673

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.

0

Attacker Value

Unknown

CVE-2018-18671

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.

0

Attacker Value

Unknown

CVE-2018-18669

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter.

0

Attacker Value

Unknown

CVE-2018-15581

Disclosure Date: April 26, 2019 (last updated September 19, 2024)

Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.

0