Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phorum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2248
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum prior to 5.1.22 allow remote malicious users to inject arbitrary web script or HTML via the (1) group_id parameter in the groups module or (2) the smiley_id parameter in the smileys modsettings module.
Phorum Phorum
2 EDB exploits
NA
CVE-2007-2250
admin.php in Phorum prior to 5.1.22 allows remote malicious users to obtain the full path via the module[] parameter.
Phorum Phorum
1 EDB exploit
NA
CVE-2005-0843
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote malicious users to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header.
Phorum Phorum 5.0.14a
1 EDB exploit
NA
CVE-2002-2340
Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote malicious users to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response.
Phorum Phorum 3.3.2a
NA
CVE-2005-0783
Cross-site scripting (XSS) vulnerability in Phorum prior to 5.0.14a allows remote malicious users to inject arbitrary web script or HTML via the filename of an attached file.
Phorum Phorum 5.0.14
1 EDB exploit
NA
CVE-2005-0784
Multiple cross-site scripting (XSS) vulnerabilities in Phorum prior to 5.0.15 allow remote malicious users to inject arbitrary web script or HTML via (1) the subject line to follow.php or (2) the subject line in the user's personal control panel.
Phorum Phorum 5.0.14
NA
CVE-2000-1230
Backdoor in auth.php3 in Phorum 3.0.7 allows remote malicious users to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
Phorum Phorum 3.0.7
1 EDB exploit
NA
CVE-2000-1234
violation.php3 in Phorum 3.0.7 allows remote malicious users to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
Phorum Phorum 3.0.7
1 EDB exploit
1 Github repository
NA
CVE-2007-0769
Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that "The characters are escaped properly.
Phorum Phorum 5.1.18
NA
CVE-2008-4513
Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote malicious users to inject arbitrary web script or HTML via nested BBcode image tags.
Phorum Phorum 5.2.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »