Search Results | AttackerKB

Show filters

Topics 8 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

8 Total Results

Displaying 1-8 of 8

Attacker Value

Unknown

CVE-2018-18674

Disclosure Date: November 07, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board tail contents" parameter, aka the adm/board_form_update.php bo_content_tail parameter.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2018-18675

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board title contents" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.

0

Attacker Value

Unknown

CVE-2018-18676

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board tail contents" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.

0

Attacker Value

Unknown

CVE-2018-18672

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board head contents" parameter, aka the adm/board_form_update.php bo_content_head parameter.

0

Attacker Value

Unknown

CVE-2018-18670

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Extra Contents" parameter, aka the adm/config_form_update.php cf_1~10 parameter.

0

Attacker Value

Unknown

CVE-2018-18673

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "Menu Link" parameter, aka the adm/menu_list_update.php me_link parameter.

0

Attacker Value

Unknown

CVE-2018-18671

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "mobile board head contents" parameter, aka the adm/board_form_update.php bo_mobile_content_head parameter.

0

Attacker Value

Unknown

CVE-2018-18669

Disclosure Date: July 23, 2019 (last updated September 19, 2024)

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter.

0