Lucene search
K

472 matches found

redhatcve
redhatcve
added 2025/05/21 7:14 p.m.5 views

CVE-2000-1230

Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHPAUTHUSER parameter set to "boogieman"...

5CVSS7.1AI score0.03252EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/21 7:14 p.m.7 views

CVE-2000-1229

Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." dot dot sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3...

5CVSS7.1AI score0.01561EPSS
Exploits1References1
openbugbounty
openbugbounty
added 2020/05/02 5:56 p.m.6 views

gps-tour.info Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1154733 Security Researcher metamorfosec Helped patch 1963 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting gps-tour.info website...

0.2AI score
Exploits0
nvd
nvd
added 2020/01/22 8:15 p.m.24 views

CVE-2011-3622

A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...

6.1CVSS6AI score0.00655EPSS
Exploits0References2
prion
prion
added 2020/01/22 8:15 p.m.15 views

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...

4.3CVSS6AI score0.00655EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/01/22 7:48 p.m.66 views

CVE-2011-3622

CVE-2011-3622 describes an XSS vulnerability in the admin login screen of the Phorum web forum software prior to version 5.2.18. The issue is documented across multiple sources (NVD) as a Cross-Site Scripting vulnerability, with impact details indicating user interaction may be required depending...

6.1CVSS5.9AI score0.00655EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/01/22 7:48 p.m.21 views

CVE-2011-3622

A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...

5.9AI score0.00655EPSS
Exploits0References2
openbugbounty
openbugbounty
added 2018/05/08 4:46 p.m.7 views

motoride.sk XSS vulnerability

Open Bug Bounty ID: OBB-614114 Description| Value ---|--- Affected Website:| motoride.sk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
packetstorm
packetstorm
added 2015/08/18 12:0 a.m.41 views

Phorum 5.2.19 Cross Site Scripting / Open Redirect

Phorum 5.2.19: Reflected XSS IIS only and Open Redirect Security Advisory – Curesec Research Team 1. Introduction Affected Product: Phorum 5.2.19 Fixed in: 5.2.20 Fixed Version Link: http://www.phorum.org/downloads/phorum5220.zip Vendor Contact: [email protected] Vulnerability Type: Reflected...

0.1AI score
Exploits0
nvd
nvd
added 2014/09/19 2:55 p.m.12 views

CVE-2012-6659

Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.6AI score0.00931EPSS
Exploits0References2
prion
prion
added 2014/09/19 2:55 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS6AI score0.00931EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2014/09/19 2:0 p.m.19 views

CVE-2012-6659

Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

5.6AI score0.00931EPSS
Exploits0References2
cve
cve
added 2014/09/19 2:0 p.m.43 views

CVE-2012-6659

Phorum prior to version 5.2.19 is affected by a cross-site scripting (XSS) vulnerability in the admin interface that allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Root cause details are not further described in the provided documents beyond the XSS in the admin...

4.3CVSS5.8AI score0.00931EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2014/09/04 2:55 p.m.26 views

CVE-2012-4234

Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...

4.3CVSS5.6AI score0.0229EPSS
Exploits3References7
prion
prion
added 2014/09/04 2:55 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...

4.3CVSS6.1AI score0.0229EPSS
Exploits3References7Affected Software1
cve
cve
added 2014/09/04 2:0 p.m.62 views

CVE-2012-4234

CVE-2012-4234 is an XSS vulnerability in Phorum prior to 5.2.19, exploitable via the group parameter in control.php. The root cause is insufficient sanitization of the group input, allowing arbitrary HTML/JavaScript to be returned to users. Public advisories (HTB23109) confirm the issue and indic...

4.3CVSS5.8AI score0.0229EPSS
Exploits3References7Affected Software1
cvelist
cvelist
added 2014/09/04 2:0 p.m.31 views

CVE-2012-4234

Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...

5.6AI score0.0229EPSS
Exploits3References7
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Phorum <= 5.2.11 Permanent Cross Site Scripting Vulnerabilities

No description provided by source. //----- Advisory Program : Phorum 5.2.11 and prior Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : CrashFr This Advisory : CrashFr //----- Application description Started in 1998, Phorum was the original PHP and...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

Phorum 3.4 Email Subject Line Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7262/info It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line or other fields before sending an email to the...

6.7AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

m-phorum 0.3 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25394/info m-phorum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
Rows per page
Query Builder