Vulnerabilities > SIR

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-23	CVE-2018-18669	Cross-site Scripting vulnerability in SIR Gnuboard 5.3.1.9 GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the "board title contents" parameter, aka the adm/board_form_update.php bo_subject parameter. network low complexity sir CWE-79	6.1
2019-04-26	CVE-2018-15584	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. network low complexity sir CWE-79	6.1
2019-04-26	CVE-2018-15582	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. network low complexity sir CWE-79	6.1
2019-04-26	CVE-2018-15581	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. network low complexity sir CWE-79	6.1
2019-04-26	CVE-2018-15580	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. network low complexity sir CWE-79	6.1
2019-03-27	CVE-2018-15585	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. network low complexity sir CWE-79	6.1
2019-03-25	CVE-2018-15583	Cross-site Scripting vulnerability in SIR Gnuboard Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. network low complexity sir CWE-79	6.1
2005-05-02	CVE-2005-0269	Improper Handling of Case Sensitivity vulnerability in SIR Gnuboard 3.40 The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters. network low complexity sir CWE-178 critical	9.8

Vulnerabilities > SIR {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"SIR"}]}

Vulnerabilities > SIR