Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fudforum fudforum vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2019-18873
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the c...
Fudforum Fudforum 3.0.9
1 EDB exploit
1 Github repository
NA
CVE-2013-5309
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and previous versions, when registering a new user, allows remote malicious users to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some ...
Ilia Alshanetsky Fudforum 2.6.11
Ilia Alshanetsky Fudforum 2.6.9
Ilia Alshanetsky Fudforum 2.3.5
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.8
Ilia Alshanetsky Fudforum 2.6.13
Ilia Alshanetsky Fudforum 2.6.1
Ilia Alshanetsky Fudforum 2.3.1
Ilia Alshanetsky Fudforum 2.2.3
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 2.6.14
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.6.6
Ilia Alshanetsky Fudforum 2.1.3
Ilia Alshanetsky Fudforum 2.2.5
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.2.2
Ilia Alshanetsky Fudforum 2.3.4
Ilia Alshanetsky Fudforum 2.6.7
Ilia Alshanetsky Fudforum 2.1.1
NA
CVE-2005-2781
The Avatar upload feature in FUD Forum prior to 2.7.0 does not properly verify uploaded files, which allows remote malicious users to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.
Ilia Alshanetsky Fudforum 2.6.11
Ilia Alshanetsky Fudforum 2.6.9
Ilia Alshanetsky Fudforum 2.3.5
Ilia Alshanetsky Fudforum 2.6.2
Ilia Alshanetsky Fudforum 2.6.8
Ilia Alshanetsky Fudforum 2.6.13
Ilia Alshanetsky Fudforum 2.6.1
Ilia Alshanetsky Fudforum 2.3.1
Ilia Alshanetsky Fudforum 2.2.3
Ilia Alshanetsky Fudforum 2.6.14
Ilia Alshanetsky Fudforum 2.2.1
Ilia Alshanetsky Fudforum 2.6.6
Ilia Alshanetsky Fudforum 2.1.3
Ilia Alshanetsky Fudforum 2.2.5
Ilia Alshanetsky Fudforum 2.7.0
Ilia Alshanetsky Fudforum 2.5.2
Ilia Alshanetsky Fudforum 2.2.2
Ilia Alshanetsky Fudforum 2.3.4
Ilia Alshanetsky Fudforum 2.6.7
Ilia Alshanetsky Fudforum 2.1.1
Ilia Alshanetsky Fudforum 2.6.10
Ilia Alshanetsky Fudforum 2.5.0
NA
CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote malicious users to read private posts via a modified mid parameter.
Ilia Alshanetsky Fudforum 2.6.15
NA
CVE-2002-1421
SQL injection vulnerabilities in FUDforum prior to 2.2.0 allow remote malicious users to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
NA
CVE-2002-1422
admbrowse.php in FUDforum prior to 2.2.0 allows remote malicious users to create or delete files via URL-encoded pathnames in the cur and dest parameters.
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
1 EDB exploit
NA
CVE-2002-1423
tmp_view.php in FUDforum prior to 2.2.0 allows remote malicious users to read arbitrary files via an absolute pathname in the file parameter.
Ilia Alshanetsky Fudforum 1.2.8
Ilia Alshanetsky Fudforum 1.9.8
Ilia Alshanetsky Fudforum 2.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2