Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gforge gforge vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-4966
SQL injection vulnerability in www/people/editprofile.php in GForge 4.6b2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the skill_delete[] parameter.
Gforge Gforge
1 EDB exploit
7.5
CVSSv2
CVE-2007-3913
SQL injection vulnerability in Gforge prior to 3.1 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Gforge Gforge
1 EDB exploit
6.8
CVSSv2
CVE-2007-0246
plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 prior to 20070524, aka gforge-plugin-scmcvs, allows remote malicious users to execute arbitrary commands via shell metacharacters in the PATH_INFO.
Gforge Gforge
7.5
CVSSv2
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
4.3
CVSSv2
CVE-2005-2430
Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) forum_id or (2) group_id parameter to forum.php, (3) project_task_id parameter to task.php, (4) id parameter to detail.php, (5) the te...
Gforge Gforge 4.5
4.3
CVSSv2
CVE-2007-3918
Cross-site scripting (XSS) vulnerability in account/verify.php in GForge 4.6b2 allows remote malicious users to inject arbitrary web script or HTML via the confirm_hash parameter.
Gforge Gforge 4.6 B2
7.5
CVSSv2
CVE-2008-6189
SQL injection vulnerability in GForge 4.5.19 allows remote malicious users to execute arbitrary SQL commands via the offset parameter to (1) new/index.php, (2) news/index.php, and (3) top/topusers.php, which is not properly handled in database-pgsql.php.
Gforge Gforge 4.5.19
1 EDB exploit
5
CVSSv2
CVE-2005-2431
The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote malicious users to send a large number of messages to arbitrary e-mail addresses (aka mail bomb).
Gforge Gforge 4.5
4.6
CVSSv2
CVE-2008-0167
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow malicious users to bypass intended access restrictions or have unspecified other impact in opportunistic c...
Gforge Gforge 4.5.14
1 EDB exploit
6.8
CVSSv2
CVE-2007-0176
Cross-site scripting (XSS) vulnerability in search/advanced_search.php in GForge 4.5.11 allows remote malicious users to inject arbitrary web script or HTML via the words parameter.
Gforge Gforge 4.5.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »