Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2817
Simple Machines Forum (SMF) 1-0-5 and previous versions supports the use of URLs for avatar images, which allows remote malicious users to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server.
Simple Machines Simple Machines Forum 1.0.5
NA
CVE-2006-7208
PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and previous versions for Mambo allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Adam Van Dongen Phpbb Component 1.2.4rc3
Adam Van Dongen Com Forum 1.2.4rc3
1 EDB exploit
NA
CVE-2006-0076
PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote malicious users to execute arbitrary PHP code via a URL in the inc parameter.
Oaboard Oaboard 1.0
1 EDB exploit
NA
CVE-2006-5400
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter.
Cyberbrau Cyberbrau 0.9.4
1 EDB exploit
NA
CVE-2007-6657
PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the mfh_root_path parameter.
Mihalism Multi Host
1 EDB exploit
NA
CVE-2007-3228
PHP remote file inclusion vulnerability in saf/lib/PEAR/PhpDocumentor/Documentation/tests/bug-559668.php in Sitellite CMS 4.2.12 and previous versions might allow remote malicious users to execute arbitrary PHP code via a URL in the FORUM[LIB] parameter. NOTE: by default, access ...
Simian Systems Inc Sitellite Cms 4.2.12
1 EDB exploit
NA
CVE-2006-7127
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
NA
CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum 1.30
1 EDB exploit
NA
CVE-2010-1055
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the config[forum_installed] parameter to (1) forum/adminLogin.p...
Tufat Osdate 2.1.9
Tufat Osdate 2.5.4
1 EDB exploit
NA
CVE-2008-1609
Multiple PHP remote file inclusion vulnerabilities in just another flat file (JAF) CMS 4.0 RC2 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) website parameter to (a) forum.php, (b) headlines.php, and (c) main.php in forum/, and (2) main_dir param...
Jaf Cms Jaf Cms 4.0 Rc2
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »