gnuboard4
by gnuboard
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-7786 | Low | 0.23 | 3.5 | 0.00 | Jul 18, 2025 | A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Post Reply Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||
| CVE-2025-60859 | 0.00 | — | 0.00 | Oct 23, 2025 | Cross Site Scripting (XSS) vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted c_id parameter in bbs/view_comment.php. | |||
| CVE-2025-61464 | 0.00 | — | 0.00 | Oct 23, 2025 | gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the search_table in bbs/search.php. | |||
| CVE-2024-37658 | 0.00 | — | 0.00 | Jul 7, 2025 | An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php. | |||
| CVE-2024-37657 | 0.00 | — | 0.00 | Jul 7, 2025 | An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component. | |||
| CVE-2024-37656 | 0.00 | — | 0.00 | Jul 7, 2025 | An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php. |
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, has been found in Gnuboard g6 up to 6.0.10. This issue affects some unknown processing of the file /bbs/scrap_popin_update/qa/ of the component Post Reply Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
- CVE-2025-60859Oct 23, 2025risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in Gnuboard 5.6.15 allows authenticated attackers to execute arbitrary code via crafted c_id parameter in bbs/view_comment.php.
- CVE-2025-61464Oct 23, 2025risk 0.00cvss —epss 0.00
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the search_table in bbs/search.php.
- CVE-2024-37658Jul 7, 2025risk 0.00cvss —epss 0.00
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php.
- CVE-2024-37657Jul 7, 2025risk 0.00cvss —epss 0.00
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via thebbs/login.php component.
- CVE-2024-37656Jul 7, 2025risk 0.00cvss —epss 0.00
An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the insufficient URL parameter verification in bbs/logout.php.