Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3043
Unspecified vulnerability in the WEC Discussion Forum (wec_discussion) extension 1.6.2 and previous versions for TYPO3 allows malicious users to execute arbitrary code via vectors related to "certain file types."
Typo3 Wec Discussion Forum 1.6.0
Typo3 Wec Discussion Forum 1.6.1
Typo3 Wec Discussion Forum
6.4
CVSSv2
CVE-2006-6449
Vt-Forum Lite 1.3 and previous versions store sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for db/forum.mdb. NOTE: The provenance of this information is unknown; the deta...
Vt-forum Vt-forum Lite 1.3
4.3
CVSSv2
CVE-2015-1475
Multiple cross-site scripting (XSS) vulnerabilities in my little forum 2.3.3, 2.2, and 1.7 allow remote malicious users to inject arbitrary web script or HTML via the (1) page or (2) category parameter to forum.php or the (3) page or (4) order parameter to (a) board_entry.php or ...
Mylittleforum My Little Forum 1.7
Mylittleforum My Little Forum 2.3.3
Mylittleforum My Little Forum 2.2
7.5
CVSSv2
CVE-2003-1406
PHP remote file inclusion vulnerability in D-Forum 1.00 up to and including 1.11 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.
Adalis Infomatique D Forum 1.0
Adalis Infomatique D Forum 1.10
Adalis Infomatique D Forum 1.11
2 EDB exploits
7.5
CVSSv2
CVE-2005-1554
SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote malicious users to execute arbitrary SQL commands via the sort_by parameter.
Wowbb Wowbb Web Forum 1.6
Wowbb Wowbb Web Forum 1.61
Wowbb Wowbb Web Forum 1.62
5
CVSSv2
CVE-2005-0831
PHP-Post allows remote malicious users to spoof the names of other users by registering with a username containing hex-encoded characters.
Php-post Php-post Web Forum 0.1
Php-post Php-post Web Forum 0.2
Php-post Php-post Web Forum 0.21
Php-post Php-post Web Forum 0.22
Php-post Php-post Web Forum 0.3
Php-post Php-post Web Forum 0.32
4.3
CVSSv2
CVE-2005-0832
Cross-site scripting (XSS) vulnerability in PHP-Post prior to 0.33 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Php-post Php-post Web Forum 0.21
Php-post Php-post Web Forum 0.32
Php-post Php-post Web Forum 0.2
Php-post Php-post Web Forum 0.3
Php-post Php-post Web Forum 0.22
Php-post Php-post Web Forum 0.1
NA
CVE-2023-29637
Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows malicious users to inject arbitrary web script or HTML via editing the article content in the "article editor" page.
Qbian61 Forum-java Project Qbian61 Forum-java -
4.3
CVSSv2
CVE-2008-3316
Cross-site scripting (XSS) vulnerability in the search feature in the Forum plugin prior to 2.7.1 for Geeklog allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably related to (1) public_html/index.php, (2) config.php, and (3) funct...
Portalparts Forum Plugin
Portalparts Forum Plugin 2.3.1
5
CVSSv2
CVE-2009-4383
Directory traversal vulnerability in Pforum.php in Rocomotion P forum prior to 1.28 allows remote malicious users to read arbitrary files via directory traversal sequences in unspecified vectors.
Rocomotion P Forum 1.00
Rocomotion P Forum
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »