Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phorum phorum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1938
SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows remote malicious users to execute arbitrary SQL commands via doubly hex-encoded characters such as "%2527", which is translated to "'", as demonstrated using the phorum_uriauth parameter ...
Phorum Phorum 3.4.7
Phorum Phorum 3.4.8
1 EDB exploit
NA
CVE-2004-1822
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 up to and including 5.0.3 beta allow remote malicious users to inject arbitrary web script or HTML via the (1) HTTP_REFERER parameter to login.php, (2) HTTP_REFERER parameter to register.php, or (3) target paramete...
Phorum Phorum 3.2.2
Phorum Phorum 3.1.1 Pre
Phorum Phorum 3.4.6
Phorum Phorum 3.2.3
Phorum Phorum 3.2.7
Phorum Phorum 3.4.3
Phorum Phorum 3.1.1
Phorum Phorum 3.2.8
Phorum Phorum 3.3.1a
Phorum Phorum 3.4.4
Phorum Phorum 3.3.1
Phorum Phorum 3.4
Phorum Phorum 3.3.2
Phorum Phorum 3.1.1 Rc2
Phorum Phorum 3.1.1a
Phorum Phorum 3.4.5
Phorum Phorum 3.2.5
Phorum Phorum 3.2.3a
Phorum Phorum 3.2
Phorum Phorum 3.1.2
Phorum Phorum 3.1
Phorum Phorum 3.4.2
3 EDB exploits
NA
CVE-2004-0034
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and previous versions allow remote malicious users to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error variable...
Phorum Phorum
NA
CVE-2004-0035
SQL injection vulnerability in register.php for Phorum 3.4.5 and previous versions allows remote malicious users to execute arbitrary SQL commands via the hide_email parameter.
Phorum Phorum
NA
CVE-2003-1466
Unspecified vulnerability in Phorum 3.4 up to and including 3.4.2 allows remote malicious users to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php.
Phorum Phorum 3.4
Phorum Phorum 3.4.2
Phorum Phorum 3.4.1
NA
CVE-2003-1486
Phorum 3.4 up to and including 3.4.2 allows remote malicious users to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8...
Phorum Phorum 3.4
Phorum Phorum 3.4.2
Phorum Phorum 3.4.1
NA
CVE-2003-1487
Multiple "command injection" vulnerabilities in Phorum 3.4 up to and including 3.4.2 allow remote malicious users to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.
Phorum Phorum 3.4
Phorum Phorum 3.4.2
Phorum Phorum 3.4.1
NA
CVE-2003-1465
Directory traversal vulnerability in download.php in Phorum 3.4 up to and including 3.4.2 allows remote malicious users to read arbitrary files.
Phorum Phorum 3.4
Phorum Phorum 3.4.2
Phorum Phorum 3.4.1
NA
CVE-2003-1467
Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum prior to 3.4.3 allow remote malicious users to inject arbitrary web script or HTML via unknown attack vectors.
Phorum Phorum
Phorum Phorum 3.4
Phorum Phorum 3.4.1
NA
CVE-2003-0283
Cross-site scripting (XSS) vulnerability in Phorum prior to 3.4.3 allows remote malicious users to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail.
Phorum Phorum
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
log injection
CVE-2024-37079
type confusion
CVE-2024-32943
CVE-2024-30103
CVE-2024-37350
arbitrary code
CVE-2024-6189
CVE-2024-6225
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »