| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-3689 | 5.0 |
post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.
|
14-02-2024 - 01:17 | 19-11-2005 - 01:03 | |
| CVE-2004-0323 | 7.5 |
Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) asc
|
29-04-2021 - 15:15 | 31-12-2004 - 05:00 | |
| CVE-2003-0483 | 6.8 |
Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.
|
29-04-2021 - 15:15 | 07-08-2003 - 04:00 | |
| CVE-2004-1863 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter
|
29-04-2021 - 15:15 | 31-12-2004 - 05:00 | |
| CVE-2004-1864 | 7.5 |
SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.
|
29-04-2021 - 15:15 | 26-03-2004 - 05:00 | |
| CVE-2004-0322 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to execute arbitrary script as other users via the (1) member parameter in member.php, (2) uid parameter in u2uadmin.php, (3) user parameter in editprofil
|
29-04-2021 - 15:15 | 23-02-2004 - 05:00 |