Lucene search
K

150 matches found

Prion
Prion
added 2021/03/19 7:15 p.m.14 views

Cross site scripting

A cross-site scripting XSS issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "srch" parameter...

4.3CVSS5.9AI score0.07604EPSS
Exploits4References2Affected Software1
Prion
Prion
added 2021/03/19 7:15 p.m.17 views

Cross site scripting

A cross-site scripting XSS issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter...

4.3CVSS5.9AI score0.06396EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2021/03/19 6:54 p.m.35 views

CVE-2021-27519

A cross-site scripting XSS issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "srch" parameter...

6.1AI score0.07604EPSS
Exploits4References2
CVE
CVE
added 2021/03/19 6:54 p.m.117 views

CVE-2021-27519

CVE-2021-27519 – FUDForum 3.1.0 Cross-Site Scripting Affected software: FUDForum 3.1.0. Issue: an XSS vulnerability exists in index.php where user input in the “srch” parameter is not properly sanitized, allowing remote attackers to inject JavaScript. Impact: as described, successful exploitation...

6.1CVSS5.9AI score0.07604EPSS
Exploits4References2Affected Software1
CVE
CVE
added 2021/03/19 6:53 p.m.116 views

CVE-2021-27520

CVE-2021-27520 is a documented XSS vulnerability in FUDForum 3.1.0. The issue allows an attacker to inject JavaScript via index.php when supplying the author parameter, potentially enabling script execution in the context of other users and, as described in connected data, may lead to cookie-base...

6.1CVSS5.9AI score0.06396EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2021/03/19 6:53 p.m.30 views

CVE-2021-27520

A cross-site scripting XSS issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter...

6.1AI score0.06396EPSS
Exploits4References2
CNNVD
CNNVD
added 2021/03/19 12:0 a.m.7 views

FUDForum 跨站脚本漏洞

FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. A cross-site scripting vulnerability exists in FUDForum 3.1.0. An attacker can exploit this vulnerability to inject JavaScript via the srch parameter in index.php...

6.1CVSS5.3AI score0.07604EPSS
Exploits4References5
CNNVD
CNNVD
added 2021/03/19 12:0 a.m.7 views

FUDForum 跨站脚本漏洞

FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. A cross-site scripting vulnerability exists in FUDForum 3.1.0. An attacker can exploit this vulnerability to inject JavaScript via the author parameter in index.php...

6.1CVSS5.3AI score0.06396EPSS
Exploits4References5
NVD
NVD
added 2020/01/27 10:15 p.m.15 views

CVE-2013-2267

PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system...

9CVSS7.5AI score0.08829EPSS
Exploits2References2
Prion
Prion
added 2020/01/27 10:15 p.m.16 views

Code injection

PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system...

9CVSS8.7AI score0.08829EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2020/01/27 9:39 p.m.30 views

CVE-2013-2267

PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system...

7.5AI score0.08829EPSS
Exploits2References2
CVE
CVE
added 2020/01/27 9:39 p.m.44 views

CVE-2013-2267

FUDforum 3.0.4 and earlier are affected by a PHP code injection in /adm/admreplace.php due to insufficient validation of POST parameters regex_str, regex_str_opt and regex_with, allowing remote attackers to inject and execute arbitrary PHP code on the server with web server privileges (CWE-94). T...

9CVSS7.5AI score0.08829EPSS
Exploits2References2Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/12/05 12:0 a.m.19 views

FUDForum Remote Code Execution (CVE-2019-18873)

A remote code execution vulnerability exists in FUDForum. Successful exploitation could result in execution of arbitrary code on the affected system...

8.5CVSS3.9AI score0.08154EPSS
Exploits6
CNVD
CNVD
added 2019/11/14 12:0 a.m.5 views

FUDForum Cross-Site Scripting Vulnerability

FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. FUDForum 3.0.9 suffers from a stored cross-site scripting vulnerability that can be exploited by an attacker to achieve remote code execution via the nlogin parameter...

9CVSS7.4AI score0.05436EPSS
Exploits3References1
OSV
OSV
added 2019/11/13 3:15 p.m.11 views

CVE-2019-18839

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

9CVSS6.8AI score
Exploits0References2
NVD
NVD
added 2019/11/13 3:15 p.m.12 views

CVE-2019-18839

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

9CVSS9.1AI score0.05436EPSS
Exploits3References2
Prion
Prion
added 2019/11/13 3:15 p.m.12 views

Design/Logic Flaw

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

8.5CVSS8.9AI score0.05436EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2019/11/13 2:41 p.m.17 views

CVE-2019-18839

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

9.1AI score0.05436EPSS
Exploits3References2
CVE
CVE
added 2019/11/13 2:41 p.m.43 views

CVE-2019-18839

CVE-2019-18839 affects FUDForum 3.0.9. The vulnerability is a Stored XSS through the nlogin parameter, which can lead to remote code execution. An attacker can abuse a normal user account to fully compromise the system by sending a POST request; when an admin views the user information, the paylo...

9CVSS9.1AI score0.05436EPSS
Exploits3References2Affected Software1
exploitpack
exploitpack
added 2019/11/13 12:0 a.m.101 views

FUDForum 3.0.9 - Remote Code Execution

FUDForum 3.0.9 - Remote Code Execution Exploit Title : FUDForum 3.0.9 - Remote Code Execution Date: 2019-10-26 Exploit Author: liquidsky JMcPeters Vulnerable Software: FUDForum 3.0.9 Vendor Homepage: https://sourceforge.net/projects/fudforum/ Version: 3.0.9 Software Link:...

8.5CVSS9.5AI score0.08154EPSS
Exploits6
Rows per page
Query Builder