Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2006-6934
Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP 0.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) titre or (2) auteur field in a forum post.
Portix-php Portix-php 0.4.2
6.8
CVSSv2
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
7.5
CVSSv2
CVE-2006-0076
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Oaboard Oaboard 1.0
1 EDB exploit
5.1
CVSSv2
CVE-2006-5400
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Cyberbrau Cyberbrau 0.9.4
1 EDB exploit
7.5
CVSSv2
CVE-2007-6657
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
Mihalism Multi Host
1 EDB exploit
6.8
CVSSv2
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
6.8
CVSSv2
CVE-2006-7127
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum 1.30
1 EDB exploit
5.1
CVSSv2
CVE-2010-1055
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.p...
Tufat Osdate 2.1.9
Tufat Osdate 2.5.4
1 EDB exploit
6.8
CVSSv2
CVE-2008-1609
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir param...
Jaf Cms Jaf Cms 4.0 Rc2
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »