Apboard
Products
2- 3 CVEs
- 2 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-59835 | Hig | 0.49 | — | 0.00 | Oct 2, 2025 | LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not strictly restrict the storage directory… | ||
| CVE-2005-3746 | 0.03 | — | 0.01 | Nov 22, 2005 | SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQL commands via the start parameter. | |||
| CVE-2026-28509 | 0.00 | — | 0.00 | Mar 6, 2026 | LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7. | |||
| CVE-2006-3078 | 0.00 | — | 0.01 | Jun 19, 2006 | Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php. | |||
| CVE-2002-2398 | 0.00 | — | 0.01 | Dec 31, 2002 | The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter. |
- risk 0.49cvss —epss 0.00
LangBot is a global IM bot platform designed for LLMs. In versions 4.1.0 up to but not including 4.3.5, authorized attackers can exploit the /api/v1/files/documents interface to perform arbitrary file uploads. Since this interface does not strictly restrict the storage directory…
- CVE-2005-3746Nov 22, 2005risk 0.03cvss —epss 0.01
SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQL commands via the start parameter.
- CVE-2026-28509Mar 6, 2026risk 0.00cvss —epss 0.00
LangBot is a global IM bot platform designed for LLMs. Prior to version 4.8.7, LangBot’s web UI renders user-supplied raw HTML using rehypeRaw, which can lead to a cross-site scripting (XSS) vulnerability. This issue has been patched in version 4.8.7.
- CVE-2006-3078Jun 19, 2006risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php.
- CVE-2002-2398Dec 31, 2002risk 0.00cvss —epss 0.01
The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter.