Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forum vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-7088
Multiple SQL injection vulnerabilities in Simple PHP Forum prior to 0.4 allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) logon_user.php and (2) update_profile.php.
Simple Php Forum Simple Php Forum 0.2
Simple Php Forum Simple Php Forum 0.3
Simple Php Forum Simple Php Forum 0.1
383
VMScore
CVE-2005-3688
Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the "Your Current Mood" field in the registration page.
Xmb Forum Xmb 1.9 Beta
Xmb Forum Xmb
Xmb Forum Xmb 1.8 Sp1
Xmb Forum Xmb 1.9.1
Xmb Forum Xmb 1.8 Sp2
Xmb Forum Xmb 1.9.2
Xmb Forum Xmb 1.8 Sp3
690
VMScore
CVE-2006-6447
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and 1.5 allow remote malicious users to inject arbitrary web script or HTML via (1) the StrMes parameter in vf_info.asp and possibly (2) a URL in the SRC attribute of an IFRAME element that is submitted to v...
Vt-forum Vt-forum Lite 1.3
Vt-forum Vt-forum Lite 1.5
2 EDB exploits
383
VMScore
CVE-2008-4871
Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and 2.0 Beta 23 allows remote malicious users to inject arbitrary web script or HTML via BBcode IMG tags.
My Little Forum My Little Forum 1.75
My Little Forum My Little Forum 2.0
668
VMScore
CVE-2008-4047
Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote malicious users to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515.
Novell Novell Forum 7.0
Novell Novell Forum 7.1
Novell Novell Forum 7.2
Novell Novell Forum 7.3
Novell Novell Forum 8.0
755
VMScore
CVE-2010-2133
SQL injection vulnerability in contact.php in My Little Forum allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-2942.
Mylittleforum My Little Forum 2.2
Mylittleforum My Little Forum 2.1.4
Mylittleforum My Little Forum 2.1.3
Mylittleforum My Little Forum 2.1.2
Mylittleforum My Little Forum 2.2.2
Mylittleforum My Little Forum 2.2.1
Mylittleforum My Little Forum 1.7.6
Mylittleforum My Little Forum 2.2.3
Mylittleforum My Little Forum 2.1.1
Mylittleforum My Little Forum 2.0.2
1 EDB exploit
755
VMScore
CVE-2006-5055
PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 up to and including 1.3 allows remote malicious users to execute arbitrary PHP code via a URL in the init_path parameter.
Forum One Syntaxcms 1.2.1
Forum One Syntaxcms
Forum One Syntaxcms 1.1.1
Forum One Syntaxcms 1.1.2
1 EDB exploit
605
VMScore
CVE-2009-2545
SQL injection vulnerability in Advanced Electron Forum (AEF) 1.x, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the filename in an uploaded attachment. NOTE: the provenance of this information is unknown; the details are ob...
Anelectron Advanced Electron Forum 1.0.7
Anelectron Advanced Electron Forum 1.0.8
Anelectron Advanced Electron Forum 1.0.5
Anelectron Advanced Electron Forum 1.0.6
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.2
383
VMScore
CVE-2009-2546
Directory traversal vulnerability in Advanced Electron Forum (AEF) 1.x allows remote malicious users to determine the existence of arbitrary files via the avatargalfile parameter when changing an avatar, which leaks the existence of the file in an error message. NOTE: the provena...
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.7
Anelectron Advanced Electron Forum 1.0.8
Anelectron Advanced Electron Forum 1.0.5
Anelectron Advanced Electron Forum 1.0.6
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum 1.0.4
445
VMScore
CVE-2005-4249
ADP Forum 2.0 up to and including 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote malicious users to obtain user credentials via requests to the forum/users directory.
Adp Adp Forum 2.0
Adp Adp Forum 2.0.2
Adp Adp Forum 2.0.3
Adp Adp Forum 2.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »