Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powie vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0319
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and previous versions allows remote malicious users to execute script and steal cookies from other users via Javascript in a username.
Powie Pforum 1.12
Powie Pforum 1.13
Powie Pforum 1.14
Powie Pforum 1.11
1 EDB exploit
7.5
CVSSv2
CVE-2012-6524
SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pgb 2.12
Powie Pgb 2.14
1 EDB exploit
7.5
CVSSv2
CVE-2008-2673
SQL injection vulnerability in index.php in Powie pNews 2.08 and 2.10, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the shownews parameter.
Powie Pnews 2.08
Powie Pnews 2.10
1 EDB exploit
6.8
CVSSv2
CVE-2004-1716
Cross-site scripting (XSS) vulnerability in PForum prior to 1.26 allows remote malicious users to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.
Powie Pforum 1.24
Powie Pforum 1.25
7.5
CVSSv2
CVE-2006-6039
SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and previous versions allows remote malicious users to execute arbitrary SQL commands via the edit parameter.
Powie Php Matchmaker
Powie Php Matchmaker 4.05
1 EDB exploit
10
CVSSv2
CVE-2002-0287
pforum 1.14 and previous versions does not explicitly enable PHP magic quotes, which allows remote malicious users to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.
Powie Pforum
7.5
CVSSv2
CVE-2006-6038
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum
1 EDB exploit
7.5
CVSSv2
CVE-2012-1210
SQL injection vulnerability in pfile/file.php in Powie pFile 1.02 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pfile 1.02
1 EDB exploit
4.3
CVSSv2
CVE-2012-1211
Cross-site scripting (XSS) vulnerability in pfile/kommentar.php in Powie pFile 1.02 allows remote malicious users to inject arbitrary web script or HTML via the filecat parameter.
Powie Pfile 1.02
1 EDB exploit
7.5
CVSSv2
CVE-2008-4347
SQL injection vulnerability in newskom.php in Powie pNews 2.03 allows remote malicious users to execute arbitrary SQL commands via the newsid parameter.
Powie Pnews 2.03
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »