Exploitation Summary
EIP tracks 1 public exploit for CVE-2008-5944. PoCs published by CraCkEr.
AI-analyzed exploit summary The provided text describes a local file inclusion (LFI) and cross-site scripting (XSS) vulnerability in Navboard 16. It outlines the potential impact but does not include functional exploit code.
Description
Cross-site scripting (XSS) vulnerability in modules.php in NavBoard 16 (2.6.0) allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by CraCkEr · textwebappsphp
https://www.exploit-db.com/exploits/32245
The provided text describes a local file inclusion (LFI) and cross-site scripting (XSS) vulnerability in Navboard 16. It outlines the potential impact but does not include functional exploit code.
Classification
Writeup 90%
Attack Type
Xss | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target:
Navboard 16
No auth needed
Prerequisites:
Access to the vulnerable Navboard application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44451
Exploit x_refsource_misc
http://packetstorm.linuxsecurity.com/0808-exploits/navboard-lfixss.txt
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30687
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31463
Scores
EPSS
0.0150
EPSS Percentile
71.0%
Details
CWE
CWE-79
Status
published
Products (1)
navboard/navboard
16
Published
Jan 22, 2009
Tracked Since
Feb 18, 2026