Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6828
Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp. NOTE: The provenance of this informatio...
Efkan Forum Efkan Forum
7.5
CVSSv2
CVE-2006-2674
Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) frm_id parameter to (a) show_forum.asp, (2) a search field to (b) forum_search.asp, (3) Email address or (4) Password to ...
Tamber Forum Tamber Forum
7.5
CVSSv2
CVE-2007-6241
Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown "critical" impact and attack vectors, different issues than CVE-2007-6014.
Beehive Forum Beehive Forum
6.8
CVSSv2
CVE-2008-0099
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and previous versions allow remote malicious users to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors.
Myphp Forum Myphp Forum
1 EDB exploit
7.8
CVSSv2
CVE-2006-6829
Efkan Forum 1.0 and previous versions store sensitive information under the web root with insufficient access control, which allows remote malicious users to download a database via a direct request for forum.mdb. NOTE: The provenance of this information is unknown; the details a...
Efkan Forum Efkan Forum
7.5
CVSSv2
CVE-2006-5054
SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Beta 2 and previous versions allows remote malicious users to execute arbitrary SQL commands via the uye_nu parameter.
Iyzi Forum Iyzi Forum
1 EDB exploit
4.3
CVSSv2
CVE-2004-2122
Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote malicious users to inject arbitrary web script or HTML via the (1) use_last_read or (2) forum parameters.
Intra Forum Intra Forum
5
CVSSv2
CVE-2006-2946
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote malicious users to obtain database username and password information.
Dmx Forum Dmx Forum
1 EDB exploit
7.5
CVSSv2
CVE-2006-5421
WSN Forum 1.3.4 and previous versions allows remote malicious users to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been label...
Wsn Forum Wsn Forum
1 EDB exploit
6.8
CVSSv2
CVE-2007-6667
SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
Myphp Myphp Forum
Myphp Myphp Forum 2.0
Myphp Myphp Forum 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »