Deluxebb : Security Vulnerabilities, CVEs, (XSS)
Cross-site scripting (XSS) vulnerability in misc.php in DeluxeBB 1.3 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2009-12-30
Updated
2017-08-17
Cross-site scripting (XSS) vulnerability in templates/default/admincp/attachments_header.php in DeluxeBB 1.1 allows remote attackers to inject arbitrary web script or HTML via the lang_listofmatches parameter.
Max CVSS
4.3
EPSS Score
0.21%
Published
2008-01-23
Updated
2018-10-15
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote attackers to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Max CVSS
2.6
EPSS Score
0.29%
Published
2006-08-11
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the subject parameter (aka the topic title field).
Max CVSS
6.8
EPSS Score
1.60%
Published
2006-08-11
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php.
Max CVSS
2.6
EPSS Score
0.61%
Published
2006-07-24
Updated
2018-10-17
Multiple cross-site scripting (XSS) vulnerabilities in pm.php in DeluxeBB 1.07 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) subject or (2) to parameters.
Max CVSS
4.3
EPSS Score
0.68%
Published
2006-06-29
Updated
2017-07-20
6 vulnerabilities found