Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-4584
Tr Forum 2.0 allows remote malicious users to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php.
Tr Forum Tr Forum 2.0
2 EDB exploits
7.5
CVSSv2
CVE-2007-1295
SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote malicious users to execute arbitrary SQL commands via the td_id parameter.
Aj Forum Aj Forum 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2007-3212
Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460.
Beehive Forum Beehive Forum 0.7.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-3234
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote malicious users to execute arbitrary SQL commands via the topic parameter.
Fuzzylime Forum Fuzzylime Forum 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2006-1110
Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote malicious users to inject arbitrary web script or HTML via the message body in a new message.
Aztek Forum Aztek Forum 4.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-3412
Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote malicious users to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag.
Elite Forum Elite Forum 1.0.0.0
1 EDB exploit
7.5
CVSSv2
CVE-2007-0589
SQL injection vulnerability in Forum Livre 1.0 allows remote malicious users to execute arbitrary SQL commands via the user parameter to info_user.asp.
Forum Livre Forum Livre 1.0
1 EDB exploit
5.5
CVSSv2
CVE-2006-4586
The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modif_profil.php, and changing a password ...
Tr Forum Tr Forum 2.0
1 EDB exploit
9
CVSSv2
CVE-2006-4585
SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated malicious users to gain privileges.
Tr Forum Tr Forum 2.0
7.5
CVSSv2
CVE-2006-1111
Aztek Forum 4.0 allows remote malicious users to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
Aztek Forum Aztek Forum 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »