Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2006-6934
Multiple cross-site scripting (XSS) vulnerabilities in Portix-PHP 0.4.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) titre or (2) auteur field in a forum post.
Portix-php Portix-php 0.4.2
685
VMScore
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
755
VMScore
CVE-2006-0076
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Oaboard Oaboard 1.0
1 EDB exploit
515
VMScore
CVE-2006-5400
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Cyberbrau Cyberbrau 0.9.4
1 EDB exploit
755
VMScore
CVE-2007-6657
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
Mihalism Multi Host
1 EDB exploit
685
VMScore
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
690
VMScore
CVE-2006-7127
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
755
VMScore
CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum 1.30
1 EDB exploit
515
VMScore
CVE-2010-1055
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.p...
Tufat Osdate 2.1.9
Tufat Osdate 2.5.4
1 EDB exploit
695
VMScore
CVE-2008-1609
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir param...
Jaf Cms Jaf Cms 4.0 Rc2
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »