Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phorum phorum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6968
Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum prior to 5.1.19 might allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Phorum Phorum
NA
CVE-2006-6550
PHP remote file inclusion vulnerability in common.php in Phorum 3.2.11 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the db_file parameter. NOTE: CVE disputes this vulnerability because db_file is defined before use
Phorum Phorum 3.2.11
1 EDB exploit
NA
CVE-2006-3611
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then i...
Phorum Phorum 3.2.2
Phorum Phorum
Phorum Phorum 5.0.15
Phorum Phorum 3.1.1 Pre
Phorum Phorum 5.0.1 Alpha
Phorum Phorum 3.4.6
Phorum Phorum 3.2.3
Phorum Phorum 5.0.13a
Phorum Phorum 5.0.15a
Phorum Phorum 3.2.7
Phorum Phorum 3.4.3
Phorum Phorum 5.0.2 Alpha
Phorum Phorum 5.0.5 Beta
Phorum Phorum 5.0.19
Phorum Phorum 5.1.13
Phorum Phorum 3.1.1
Phorum Phorum 3.2.8
Phorum Phorum 3.3.1a
Phorum Phorum 5.0.7a Beta
Phorum Phorum 3.4.4
Phorum Phorum 5.0.17
Phorum Phorum 5.0.17a
1 EDB exploit
NA
CVE-2006-3612
Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Phorum Phorum 5.1.14
NA
CVE-2006-3615
Multiple PHP remote file inclusion vulnerabilities in Phorum 5.1.14, when register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via unspecified vectors related to an uninitialized variable.
Phorum Phorum 5.1.14
NA
CVE-2006-3249
SQL injection vulnerability in search.php in Phorum 5.1.14 and previous versions allows remote malicious users to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for t...
Phorum Phorum
NA
CVE-2006-3053
PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states "common.php is ...
Phorum Phorum 3.2.2
Phorum Phorum 3.1.1 Pre
Phorum Phorum 3.4.6
Phorum Phorum 3.2.3
Phorum Phorum 5.0.15a
Phorum Phorum 3.2.7
Phorum Phorum 3.4.3
Phorum Phorum 3.1.1
Phorum Phorum 3.2.8
Phorum Phorum 3.3.1a
Phorum Phorum 3.4.4
Phorum Phorum 5.0.17a
Phorum Phorum 3.3.1
Phorum Phorum 3.4
Phorum Phorum 3.3.2
Phorum Phorum 3.1.1 Rc2
Phorum Phorum 5.0.18
Phorum Phorum 3.1.1a
Phorum Phorum 3.4.5
Phorum Phorum 5.0.12
Phorum Phorum 3.4.8a
Phorum Phorum 3.2.5
1 EDB exploit
NA
CVE-2006-1152
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote malicious users to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
M Phorum M Phorum 0.2
NA
CVE-2006-1151
Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote malicious users to inject arbitrary web script or HTML via the go parameter.
M Phorum M Phorum 0.2
1 EDB exploit
NA
CVE-2005-3543
SQL injection vulnerability in search.php in Phorum 5.0.0alpha up to and including 5.0.20, when register_globals is enabled, allows remote malicious users to execute arbitrary SQL commands via the forum_ids parameter.
Phorum Phorum 5.0.15
Phorum Phorum 5.0.1 Alpha
Phorum Phorum 5.0.13a
Phorum Phorum 5.0.2 Alpha
Phorum Phorum 5.0.5 Beta
Phorum Phorum 5.0.19
Phorum Phorum 5.0.7a Beta
Phorum Phorum 5.0.17
Phorum Phorum 5.0.18
Phorum Phorum 5.0.4a Beta
Phorum Phorum 5.0.12
Phorum Phorum 5.0.20
Phorum Phorum 5.0.0 Alpha
Phorum Phorum 5.0.16
Phorum Phorum 5.0.10
Phorum Phorum 5.0.11
Phorum Phorum 5.0.14a
Phorum Phorum 5.0.9
Phorum Phorum 5.0.14
Phorum Phorum 5.0.7 Beta
Phorum Phorum 5.0.6 Beta
Phorum Phorum 5.0.3 Beta
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »