Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-5055
PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 up to and including 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the init_path parameter.
Forum One Syntaxcms 1.2.1
Forum One Syntaxcms
Forum One Syntaxcms 1.1.1
Forum One Syntaxcms 1.1.2
1 EDB exploit
10
CVSSv2
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2006-5421
WSN Forum 1.3.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been label...
Wsn Forum Wsn Forum
1 EDB exploit
6
CVSSv2
CVE-2007-0596
PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PF[top_url] parameter.
Aztek Forum Aztek Forum 4.0
7.5
CVSSv2
CVE-2006-5105
Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 up to and including 1.3 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the init_path parameter to admin/testing/tests/0030_init_syntax.php, or (2) an unspecified parameter to admin/...
Forum One Syntaxcms 1.1.1
Forum One Syntaxcms 1.2.1
Forum One Syntaxcms 1.3
7.5
CVSSv2
CVE-2002-2200
Benjamin Lefevre Dobermann FORUM 0.5 and previous versions allows remote malicious users to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php.
Benjamin Lefevre Dobermann Forum 0.2
Benjamin Lefevre Dobermann Forum 0.4
Benjamin Lefevre Dobermann Forum 0.1
Benjamin Lefevre Dobermann Forum 0.3
Benjamin Lefevre Dobermann Forum 0.5
4 EDB exploits
7.5
CVSSv2
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP ...
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum
Simple Machines Simple Machines Forum 1.1
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
5.5
CVSSv2
CVE-2008-6659
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during...
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.1.3
1 EDB exploit
7.5
CVSSv2
CVE-2003-1406
PHP remote file inclusion vulnerability in D-Forum 1.00 up to and including 1.11 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.
Adalis Infomatique D Forum 1.0
Adalis Infomatique D Forum 1.10
Adalis Infomatique D Forum 1.11
2 EDB exploits
4.3
CVSSv2
CVE-2004-2725
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in ...
Aztek Forum Aztek Forum 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »