Lucene search

Todoo Forum Security Vulnerabilities

cve

CVE-2010-0938

Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo Forum 2.0 allows remote attackers to inject arbitrary web script or HTML via the id_forum parameter in a post action.

5.8AI Score

0.002EPSS

2010-03-08 03:30 PM

cve

CVE-2013-3537

Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) id_post or (2) pg parameter.

8.8AI Score

0.001EPSS

2013-05-13 11:55 PM

cve

CVE-2013-3538

Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id_post or (2) pg parameter.

5.9AI Score

0.002EPSS

2013-05-13 11:55 PM