Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2007-1633
Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into...
Giorgio Ciranni Splatt Forum 4.0 Rc1
1 EDB exploit
10
CVSSv2
CVE-2007-1778
PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Eve-nuke Eve-nuke Forum 0.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1818
PHP remote file inclusion vulnerability in MOD_forum_fields_parse.php in the Forum picture and META tags 1.7 module for phpBB allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Forum Picture And Meta Tags Forum Picture And Meta Tags 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2006-3690
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
Minibb Forum 1.5a
1 EDB exploit
5.8
CVSSv2
CVE-2006-3555
Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion prior to 6.01.3 allow remote malicious users to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, an...
Php Fusion Php Fusion 6.00.102
Php Fusion Php Fusion 6.00.103
Php Fusion Php Fusion 6.00.110
Php Fusion Php Fusion 6.00.200
Php Fusion Php Fusion 6.00.304
Php Fusion Php Fusion 6.00.306
Php Fusion Php Fusion 6.0.105
Php Fusion Php Fusion 6.00.104
Php Fusion Php Fusion 6.00.105
Php Fusion Php Fusion 6.00.204
Php Fusion Php Fusion 6.00.205
Php Fusion Php Fusion 6.00.307
Php Fusion Php Fusion 6.01.2
Php Fusion Php Fusion 6.0.106
Php Fusion Php Fusion 6.0.107
Php Fusion Php Fusion 6.00.106
Php Fusion Php Fusion 6.00.107
Php Fusion Php Fusion 6.00.206
Php Fusion Php Fusion 6.00.207
Php Fusion Php Fusion 6.00.100
Php Fusion Php Fusion 6.00.101
Php Fusion Php Fusion 6.00.108
7.5
CVSSv2
CVE-2007-1131
PHP remote file inclusion vulnerability in sinapis.php in Sinapis Forum 2.2 allows remote malicious users to execute arbitrary PHP code via a URL in the fuss parameter.
Scripter.ch Sinapis Forum 2.2
1 EDB exploit
10
CVSSv2
CVE-2006-7153
PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote malicious users to execute arbitrary code via a URL in the pathToFiles parameter.
Minibb Forum 2
7.5
CVSSv2
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
1 EDB exploit
6.8
CVSSv2
CVE-2006-3773
PHP remote file inclusion vulnerability in smf.php in the SMF-Forum 1.3.1.3 Bridge Component (com_smf) For Joomla! and Mambo 4.5.3+ allows remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
Mambo Smf-forum 1.3.1.3 Bridge Component
1 EDB exploit
7.5
CVSSv2
CVE-2006-5438
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Forum 4.1, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details a...
Comdev Comdev Forum 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »