Lucene search

Wikidforum Security Vulnerabilities

cve

CVE-2018-18075

WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort...

9.8CVSS

8.9AI Score

0.004EPSS

2018-10-09 05:29 PM

cve

CVE-2012-2099

Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort parameters in an advanced...

5.8AI Score

0.028EPSS

2013-01-24 01:55 AM

cve

CVE-2012-6520

Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. NOTE: this issue could not be reproduced by third...

8.8AI Score

0.003EPSS

2013-01-24 01:55 AM