Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-12-28	CVE-2021-4293	Cross-site Scripting vulnerability in SIR Youngcart5 UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic has been found in gnuboard youngcart5 up to 5.4.5.1. network low complexity sir CWE-79	6.1
2022-05-16	CVE-2022-30050	Cross-site Scripting vulnerability in SIR Gnuboard 5.55/5.56 Gnuboard 5.55 and 5.56 is vulnerable to Cross Site Scripting (XSS) via bbs/member_confirm.php. network sir CWE-79	4.3
2019-08-22	CVE-2017-18572	Cross-site Scripting vulnerability in SIR Gnucommerce The gnucommerce plugin before 1.4.2 for WordPress has XSS. network sir CWE-79	4.3
2019-08-22	CVE-2016-10920	Cross-site Scripting vulnerability in SIR Gnucommerce The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS. network sir CWE-79	4.3
2014-03-19	CVE-2014-2339	SQL Injection vulnerability in SIR Gnuboard Multiple SQL injection vulnerabilities in bbs/ajax.autosave.php in GNUboard 5.x and possibly earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) subject or (2) content parameter. network low complexity sir CWE-89	6.5
2012-09-06	CVE-2012-4873	Cross-Site Scripting vulnerability in SIR Gnuboard 4.31.3/4.31.4/4.33.2 Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter. network sir CWE-79	4.3
2009-01-27	CVE-2009-0290	Path Traversal vulnerability in SIR Gnuboard 4.31.03 Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. network sir CWE-22	6.8