EUVD-2020-30963

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996 PHPFusion 9.03.50 - Persistent Cross-Site Scripting

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996 PHPFusion 9.03.50 - Persistent Cross-Site Scripting

PHPFusion 9.03.50 contains a persistent cross-site scripting vulnerability in the print.php page that fails to properly sanitize user-submitted message content. Attackers can inject malicious JavaScript through forum messages that will execute when the print page is generated, allowing script...

CVE-2020-36996

CVE-2020-36996 affects PHPFusion 9.03.50. The vulnerability is a persistent cross-site scripting flaw in the print.php page that fails to sanitize user-submitted forum messages. An attacker can inject JavaScript through forum content, which then executes when the print page is generated, enabling...

CVE-2021-28968

An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the email BBcode tag allows with authentication injecting arbitrary JavaScript into any forum message...

EUVD-2021-15615

Malware in sbrugna...

EUVD-2017-14109

Malware in sbrugna...

CVE-2022-25091

Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature...

PT-2023-12779 · Infopop · Infopop Ultimate Bulletin Board

Name of the Vulnerable Software and Affected Versions: Infopop Ultimate Bulletin Board versions up to 5.47a Description: The issue allows all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature. Recommendations: For Infopop Ultimate Bulletin...

CVE-2021-28968

An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in the email BBcode tag allows with authentication injecting arbitrary JavaScript into any forum message...

CVE-2017-4999

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other...

CVE-2017-4999

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other...

Authorization

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other...

CVE-2017-4999

CVE-2017-4999 pertains to EMC RSA Archer across multiple 5.x releases (e.g., 5.4.1.3, 5.5.x). The vulnerability is an authorization bypass in the Discussion Forum Messages component caused by handling of input via user-controlled keys, enabling a remote, low-privileged attacker to elevate privile...

CVE-2017-4999

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is affected by an authorization bypass through user-controlled key vulnerability in Discussion Forum Messages. A remote low privileged attacker may potentially exploit this vulnerability to elevate their privileges and view other...

Snitz Forums 2000 3.0/3.1/3.3 Image Tag Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4192/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz Forums 2000 allows users to include images in forum messages using image tags, with the following syntax:...

vBulletin 2.2.7/2.2.8 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6337/info Problems with vBulletin could make it possible for an attacker to inject arbitrary HTML in vBulletin forum messages. vBulletin does not sufficiently filter potentially malicious HTML code from posted messages. A...

Ikonboard 2.17/3.0/3.1 Image Tag Cross-Agent Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4182/info Ikonboard is a Web Bulletin Board Service BBS software package written in Perl which runs on Unix and Linux variants. Ikonboard allows users to include images in forum messages using image tags, with the followi...

CVE-2004-1879

CVE-2004-1879 describes a cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03, allowing remote attackers to inject arbitrary web script or HTML through forum messages. The available documents do not specify the exact vector (stored vs reflected) or impact beyond the ability to execute scrip...

CVE-2004-1879

Cross-site scripting XSS vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages...