Vulnerabilities > XMB Forum > XMB > 1.8.sp3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-1863 | Cross-Site Scripting vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php. | 4.3 |
2004-12-31 | CVE-2004-1860 | Buffer Overflow vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker. | 5.0 |
2004-03-26 | CVE-2004-1864 | Unspecified vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php. | 7.5 |
2004-03-26 | CVE-2004-1862 | Unspecified vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php. network xmb-forum | 4.3 |