Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2004-2725
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in ...
Aztek Forum Aztek Forum 4.0
1 EDB exploit
4.3
CVSSv2
CVE-2005-3412
Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote malicious users to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag.
Elite Forum Elite Forum 1.0.0.0
1 EDB exploit
6.8
CVSSv2
CVE-2006-6532
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) StrMsg or (2) Topic_ID parameter to (a) vf_info.asp, (b) vf_newtopic.asp, (c) vf_settings.asp, and (d) vf...
Vt-forum Vt-forum Lite
4.3
CVSSv2
CVE-2007-3975
Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1.0.0.0 allows remote malicious users to inject arbitrary web script or HTML via the title parameter in a ptopic action, a different vulnerability than CVE-2005-3412.
Elite Forum Elite Forum 1.0.0.0
4.3
CVSSv2
CVE-2007-3212
Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460.
Beehive Forum Beehive Forum 0.7.1
1 EDB exploit
9
CVSSv2
CVE-2006-4585
SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated malicious users to gain privileges.
Tr Forum Tr Forum 2.0
7.5
CVSSv2
CVE-2005-3682
Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote malicious users to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php.
Wizz Forum Wizz Forum 1.20
3 EDB exploits
5
CVSSv2
CVE-2006-0877
Cross-site scripting vulnerability in Easy Forum 2.5 allows remote malicious users to inject arbitrary web script or HTML via the image variable.
Easy Forum Easy Forum 2.5
1 EDB exploit
4.3
CVSSv2
CVE-2012-0900
Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to (1) forum/register.php or (2) forum/logon.php.
Beehive Forum Beehive Forum 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-1295
SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote malicious users to execute arbitrary SQL commands via the td_id parameter.
Aj Forum Aj Forum 1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »