Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fudforum vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2019-18873
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the c...
Fudforum Fudforum 3.0.9
1 EDB exploit
1 Github repository
2.6
CVSSv2
CVE-2013-5309
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and previous versions, when registering a new user, allows remote malicious users to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some ...
Fudforum Fudforum 2.8.1
Fudforum Fudforum 2.8.0
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.6.9
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.15
Ilia Alshanetsky Fudforum 2.6.0
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.3.3
Ilia Alshanetsky Fudforum 2.3.2
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.2.0
Ilia Alshanetsky Fudforum 1.2.8
Fudforum Fudforum 3.0.3
Fudforum Fudforum 3.0.2
Fudforum Fudforum 2.7.5
Fudforum Fudforum 2.7.4
Fudforum Fudforum 2.7.3
Ilia Alshanetsky Fudforum 2.6.6
Ilia Alshanetsky Fudforum 2.6.5
Ilia Alshanetsky Fudforum 2.6.12
Ilia Alshanetsky Fudforum 2.6.11
7.5
CVSSv2
CVE-2005-2781
The Avatar upload feature in FUD Forum prior to 2.7.0 does not properly verify uploaded files, which allows remote malicious users to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.
Ilia Alshanetsky Fudforum 2.2.0
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.2.2
Ilia Alshanetsky Fudforum 2.3.3
Ilia Alshanetsky Fudforum 2.3.4
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.6.0
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.3
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.2.3
Ilia Alshanetsky Fudforum 2.2.4
Ilia Alshanetsky Fudforum 2.3.5
Ilia Alshanetsky Fudforum 2.3.6
Ilia Alshanetsky Fudforum 2.6.1
Ilia Alshanetsky Fudforum 2.6.10
Ilia Alshanetsky Fudforum 2.6.4
Ilia Alshanetsky Fudforum 2.6.5
Ilia Alshanetsky Fudforum 2.1.0
Ilia Alshanetsky Fudforum 2.1.1
Ilia Alshanetsky Fudforum 2.2.5
Ilia Alshanetsky Fudforum 2.3.0
5
CVSSv2
CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote malicious users to read private posts via a modified mid parameter.
Ilia Alshanetsky Fudforum 2.6.15
5
CVSSv2
CVE-2002-1422
admbrowse.php in FUDforum prior to 2.2.0 allows remote malicious users to create or delete files via URL-encoded pathnames in the cur and dest parameters.
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
1 EDB exploit
5
CVSSv2
CVE-2002-1423
tmp_view.php in FUDforum prior to 2.2.0 allows remote malicious users to read arbitrary files via an absolute pathname in the file parameter.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
1 EDB exploit
7.5
CVSSv2
CVE-2002-1421
SQL injection vulnerabilities in FUDforum prior to 2.2.0 allow remote malicious users to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2