Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2817
Simple Machines Forum (SMF) 1-0-5 and previous versions supports the use of URLs for avatar images, which allows remote malicious users to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server.
Simple Machines Simple Machines Forum 1.0.5
NA
CVE-2004-2588
Intentional information leak in phpinfo.php in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allows remote malicious users to obtain sensitive information such as the configuration of the web server and the PHP application.
Xmb Software Xmb Forum 1.9 Nexus Beta
NA
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
NA
CVE-2006-0076
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Oaboard Oaboard 1.0
1 EDB exploit
NA
CVE-2006-5400
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Cyberbrau Cyberbrau 0.9.4
1 EDB exploit
NA
CVE-2007-6657
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
Mihalism Multi Host
1 EDB exploit
NA
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
NA
CVE-2006-7127
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
NA
CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum 1.30
1 EDB exploit
NA
CVE-2010-1055
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.p...
Tufat Osdate 2.1.9
Tufat Osdate 2.5.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »