Vulnerabilities > XMB Forum > XMB > 1.8.sp3

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-1863 Cross-Site Scripting vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta
Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow remote attackers to inject arbitrary web script or HTML via (1) the u2uheader parameter in editprofile.php, the restrict parameter in (2) member.php, (3) misc.php, and (4) today.php, and (5) an arbitrary parameter in phpinfo.php.
network
xmb-forum CWE-79
4.3
2004-12-31 CVE-2004-1860 Buffer Overflow vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta
Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authenticated users to cause a denial of service (server disconnect) and possibly execute arbitrary code via a large filter on a column when using SmartView Tracker.
network
low complexity
xmb-forum
5.0
2004-03-26 CVE-2004-1864 Unspecified vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta
SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL commands via the restrict parameter to (1) member.php, (2) misc.php, or (3) today.php.
network
low complexity
xmb-forum
7.5
2004-03-26 CVE-2004-1862 Unspecified vulnerability in XMB Forum XMB 1.8Sp3/1.9Beta
Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote attackers to inject arbitrary web script or HTML via the (1) xmbuser parameter to xmb.php, (2) folder parameter to u2u.php, (3) viewmost, replymost, or latest parameter to stats.php, (4) message or icons parameter to post.php, (5) threadlist, pagelinks, forumlist, navigation, or (6) forumdisplay parameter to forumdisplay.php.
network
xmb-forum
4.3