Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phorum phorum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0767
Cross-site scripting (XSS) vulnerability in the core in Phorum prior to 5.1.18 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Phorum Phorum
NA
CVE-2004-2110
SQL injection vulnerability in register.php in Phorum prior to 3.4.6 allows remote malicious users to execute arbitrary SQL commands via the hide_email parameter.
Phorum Phorum
6.1
CVSSv3
CVE-2011-3622
A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum prior to 5.2.18.
Phorum Phorum
NA
CVE-2004-0034
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and previous versions allow remote malicious users to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable...
Phorum Phorum
NA
CVE-2004-0035
SQL injection vulnerability in register.php for Phorum 3.4.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the hide_email parameter.
Phorum Phorum
NA
CVE-2007-2248
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum prior to 5.1.22 allow remote malicious users to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modsettings module.
Phorum Phorum
2 EDB exploits
NA
CVE-2007-2250
admin.php in Phorum prior to 5.1.22 allows remote malicious users to obtain the full path via the module[] parameter.
Phorum Phorum
1 EDB exploit
NA
CVE-2007-2338
Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum prior to 5.1.22 allows remote malicious users to perform unauthorized banlist deletions as an administrator via the delete parameter.
Phorum Phorum
1 EDB exploit
NA
CVE-2007-2249
include/controlcenter/users.php in Phorum prior to 5.1.22 allows remote authenticated moderators to gain privileges via a modified (1) user_ids POST parameter or (2) userdata array.
Phorum Phorum
1 EDB exploit
NA
CVE-2006-3249
SQL injection vulnerability in search.php in Phorum 5.1.14 and previous versions allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for t...
Phorum Phorum
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »