Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2006-6829
Efkan Forum 1.0 and previous versions store sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for forum.mdb. NOTE: The provenance of this information is unknown; the details a...
Efkan Forum Efkan Forum
7.5
CVSSv2
CVE-2006-6828
Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp. NOTE: The provenance of this informatio...
Efkan Forum Efkan Forum
7.5
CVSSv2
CVE-2006-5054
SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Beta 2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the uye_nu parameter.
Iyzi Forum Iyzi Forum
1 EDB exploit
7.5
CVSSv2
CVE-2006-5421
WSN Forum 1.3.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been label...
Wsn Forum Wsn Forum
1 EDB exploit
4.3
CVSSv2
CVE-2007-3213
Multiple cross-site scripting (XSS) vulnerabilities in comments.cgi in Sporum Forum 3.0.9 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) view and (2) mode parameters.
Sporum Forum Sporum Forum
4.3
CVSSv2
CVE-2007-3267
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.01b and previous versions allows remote malicious users to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235.
Fuzzylime Forum Fuzzylime Forum
1 EDB exploit
6.8
CVSSv2
CVE-2008-0099
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors.
Myphp Forum Myphp Forum
1 EDB exploit
7.5
CVSSv2
CVE-2007-6014
SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and previous versions allows remote malicious users to execute arbitrary SQL commands via the t_dedupe parameter.
Beehive Forum Beehive Forum
7.5
CVSSv2
CVE-2006-2674
Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) frm_id parameter to (a) show_forum.asp, (2) a search field to (b) forum_search.asp, (3) Email address or (4) Password to ...
Tamber Forum Tamber Forum
5.1
CVSSv2
CVE-2008-6777
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) id parameter in a confirm action, the (2) user parameter in a newconfirm action, and (3) reqpwd action to member.php; and the...
Myphp Myphp Forum 1.0
Myphp Myphp Forum 2.0
Myphp Myphp Forum
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »