Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.5
1 EDB exploit
7.5
CVSSv2
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP ...
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum
Simple Machines Simple Machines Forum 1.1
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
6.5
CVSSv2
CVE-2006-5729
Yazd Discussion Forum prior to 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related...
Yazd Yazd Discussion Forum 1.0
Yazd Yazd Discussion Forum 2.0
Yazd Yazd Discussion Forum 2.1
Yazd Yazd Discussion Forum 2.4
Yazd Yazd Discussion Forum 2.2
Yazd Yazd Discussion Forum 2.3
5.5
CVSSv2
CVE-2008-6659
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated users to configure arbitrary local files for execution via directory traversal sequences in the value of the theme_dir field during...
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.1.3
1 EDB exploit
6.8
CVSSv2
CVE-2008-6657
Cross-site request forgery (CSRF) vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote malicious users to hijack the authentication of admins for requests that install packages via the package parameter in an install2 ...
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.1.6
1 EDB exploit
4
CVSSv2
CVE-2008-6658
Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.0 prior to 1.0.15 and 1.1 prior to 1.1.7 allows remote authenticated administrators to install packages from arbitrary directories via a .. (dot dot) in the package parameter during an install2 action...
Simple Machines Simple Machines Forum 1.1 Rc1
Simple Machines Simple Machines Forum 1.1 Rc2
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.4
Simple Machines Simple Machines Forum 1.1.5
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.6
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum 1.1 Rc3
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-6014
SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the t_dedupe parameter.
Beehive Forum Beehive Forum
4.3
CVSSv2
CVE-2007-3213
Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) view and (2) mode parameters.
Sporum Forum Sporum Forum
4.3
CVSSv2
CVE-2007-3267
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.01b and previous versions allows remote malicious users to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235.
Fuzzylime Forum Fuzzylime Forum
1 EDB exploit
7.5
CVSSv2
CVE-2006-6448
Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and previous versions allow remote malicious users to execute arbitrary SQL commands via the user parameter to vf_memberdetail.asp, and other unspecified vectors. NOTE: The provenance of this information is unknown; the ...
Vt-forum Vt-forum
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »