Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
powie pforum vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0319
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and previous versions allows remote malicious users to execute script and steal cookies from other users via Javascript in a username.
Powie Pforum 1.12
Powie Pforum 1.13
Powie Pforum 1.14
Powie Pforum 1.11
1 EDB exploit
NA
CVE-2004-1716
Cross-site scripting (XSS) vulnerability in PForum prior to 1.26 allows remote malicious users to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile.
Powie Pforum 1.24
Powie Pforum 1.25
NA
CVE-2002-0287
pforum 1.14 and previous versions does not explicitly enable PHP magic quotes, which allows remote malicious users to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.
Powie Pforum
NA
CVE-2006-6038
SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum
1 EDB exploit
NA
CVE-2008-4355
SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and previous versions allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Powie Pforum 1.30
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started