Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php forum vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2008-5090
Electron Inc. Advanced Electron Forum prior to 1.0.7 allows remote malicious users to execute arbitrary PHP code via PHP code embedded in bbcode in the email parameter, which is processed by the preg_replace function with the eval switch.
Anelectron Advanced Electron Forum 1.0.2
Anelectron Advanced Electron Forum 1.0.1
Anelectron Advanced Electron Forum 1.0.4
Anelectron Advanced Electron Forum 1.0.3
Anelectron Advanced Electron Forum
Anelectron Advanced Electron Forum 1.0.5
1 EDB exploit
1000
VMScore
CVE-2007-1778
PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Eve-nuke Eve-nuke Forum 0.1
1 EDB exploit
890
VMScore
CVE-2020-13873
A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/Topic.php in Codoforum prior to 4.9 allows remote attackers (pre-authentication) to bypass the admin page via a leaked password-reset token of the admin. (As an admin, an attacker can upload a PHP shell and exec...
Codologic Codoforum
890
VMScore
CVE-2006-7153
PHP remote file inclusion vulnerability in index.php in MiniBB Forum 2 allows remote malicious users to execute arbitrary code via a URL in the pathToFiles parameter.
Minibb Forum 2
770
VMScore
CVE-2002-2200
Benjamin Lefevre Dobermann FORUM 0.5 and previous versions allows remote malicious users to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php.
Benjamin Lefevre Dobermann Forum 0.2
Benjamin Lefevre Dobermann Forum 0.4
Benjamin Lefevre Dobermann Forum 0.1
Benjamin Lefevre Dobermann Forum 0.3
Benjamin Lefevre Dobermann Forum 0.5
4 EDB exploits
760
VMScore
CVE-2006-7128
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote malicious users to execute arbitrary PHP code via a URL in the website parameter.
Salims Softhouse Jaf Cms 4.0
2 EDB exploits
760
VMScore
CVE-2003-1406
PHP remote file inclusion vulnerability in D-Forum 1.00 up to and including 1.11 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.
Adalis Infomatique D Forum 1.0
Adalis Infomatique D Forum 1.10
Adalis Infomatique D Forum 1.11
2 EDB exploits
755
VMScore
CVE-2013-1803
Multiple SQL injection vulnerabilities in PHP-Fusion prior to 7.02.06 allow remote malicious users to execute arbitrary SQL commands via the (1) orderby parameter to downloads.php; or remote authenticated users with certain permissions to execute arbitrary SQL commands via a (2) ...
Php-fusion Php-fusion
Php-fusion Php-fusion 7.02.01
Php-fusion Php-fusion 7.02.04
Php-fusion Php-fusion 7.02.03
Php-fusion Php-fusion 7.02.02
1 EDB exploit
755
VMScore
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum (SMF) 1.1.4 and previous versions allows remote malicious users to execute arbitrary SQL commands by setting the db_character_set parameter to a multibyte character set such as big5, which causes the addslashes PHP ...
Simple Machines Simple Machines Forum 1.0.11
Simple Machines Simple Machines Forum
Simple Machines Simple Machines Forum 1.1
Simple Machines Simple Machines Forum 1.0.5
Simple Machines Simple Machines Forum 1.0.12
Simple Machines Simple Machines Forum 1.1.3
Simple Machines Simple Machines Forum 1.1.1
Simple Machines Simple Machines Forum 1.0.6
Simple Machines Simple Machines Forum 1.0.7
Simple Machines Simple Machines Forum 1.1.2
1 EDB exploit
755
VMScore
CVE-2008-6544
Multiple PHP remote file inclusion vulnerabilities in Simple Machines Forum (SMF) 1.1.4 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) settings[default_theme_dir] parameter to Sources/Subs-Graphics.php and (2) settings[default_theme_dir] parameter...
Simple Machines Simple Machines Forum 1.1.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »