Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fudforum fudforum vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2019-18873
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the c...
Fudforum Fudforum 3.0.9
1 EDB exploit
1 Github repository
2.6
CVSSv2
CVE-2013-5309
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and previous versions, when registering a new user, allows remote malicious users to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some ...
Fudforum Fudforum 2.8.1
Fudforum Fudforum 2.8.0
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.6.9
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.15
Ilia Alshanetsky Fudforum 2.6.0
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.3.3
Ilia Alshanetsky Fudforum 2.3.2
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.2.0
Ilia Alshanetsky Fudforum 1.2.8
Fudforum Fudforum 3.0.3
Fudforum Fudforum 3.0.2
Fudforum Fudforum 2.7.5
Fudforum Fudforum 2.7.4
Fudforum Fudforum 2.7.3
Ilia Alshanetsky Fudforum 2.6.6
Ilia Alshanetsky Fudforum 2.6.5
Ilia Alshanetsky Fudforum 2.6.12
Ilia Alshanetsky Fudforum 2.6.11
7.5
CVSSv2
CVE-2005-2781
The Avatar upload feature in FUD Forum prior to 2.7.0 does not properly verify uploaded files, which allows remote malicious users to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.
Ilia Alshanetsky Fudforum 2.2.0
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.2.2
Ilia Alshanetsky Fudforum 2.3.3
Ilia Alshanetsky Fudforum 2.3.4
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.6.0
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.3
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.2.3
Ilia Alshanetsky Fudforum 2.2.4
Ilia Alshanetsky Fudforum 2.3.5
Ilia Alshanetsky Fudforum 2.3.6
Ilia Alshanetsky Fudforum 2.6.1
Ilia Alshanetsky Fudforum 2.6.10
Ilia Alshanetsky Fudforum 2.6.4
Ilia Alshanetsky Fudforum 2.6.5
Ilia Alshanetsky Fudforum 2.1.0
Ilia Alshanetsky Fudforum 2.1.1
Ilia Alshanetsky Fudforum 2.2.5
Ilia Alshanetsky Fudforum 2.3.0
5
CVSSv2
CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote malicious users to read private posts via a modified mid parameter.
Ilia Alshanetsky Fudforum 2.6.15
5
CVSSv2
CVE-2002-1422
admbrowse.php in FUDforum prior to 2.2.0 allows remote malicious users to create or delete files via URL-encoded pathnames in the cur and dest parameters.
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2002-1421
SQL injection vulnerabilities in FUDforum prior to 2.2.0 allow remote malicious users to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
5
CVSSv2
CVE-2002-1423
tmp_view.php in FUDforum prior to 2.2.0 allows remote malicious users to read arbitrary files via an absolute pathname in the file parameter.
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
Ilia Alshanetsky Fudforum 1.2.8
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2