472 matches found
CVE-2000-1230
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHPAUTHUSER parameter set to "boogieman"...
CVE-2000-1229
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." dot dot sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3...
gps-tour.info Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1154733 Security Researcher metamorfosec Helped patch 1963 vulnerabilities Received 9 Coordinated Disclosure badges Received 31 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting gps-tour.info website...
CVE-2011-3622
A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...
Cross site scripting
A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...
CVE-2011-3622
CVE-2011-3622 describes an XSS vulnerability in the admin login screen of the Phorum web forum software prior to version 5.2.18. The issue is documented across multiple sources (NVD) as a Cross-Site Scripting vulnerability, with impact details indicating user interaction may be required depending...
CVE-2011-3622
A Cross-Site Scripting XSS vulnerability exists in the admin login screen in Phorum before 5.2.18...
motoride.sk XSS vulnerability
Open Bug Bounty ID: OBB-614114 Description| Value ---|--- Affected Website:| motoride.sk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Phorum 5.2.19 Cross Site Scripting / Open Redirect
Phorum 5.2.19: Reflected XSS IIS only and Open Redirect Security Advisory – Curesec Research Team 1. Introduction Affected Product: Phorum 5.2.19 Fixed in: 5.2.20 Fixed Version Link: http://www.phorum.org/downloads/phorum5220.zip Vendor Contact: [email protected] Vulnerability Type: Reflected...
CVE-2012-6659
Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
Cross site scripting
Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2012-6659
Cross-site scripting XSS vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2012-6659
Phorum prior to version 5.2.19 is affected by a cross-site scripting (XSS) vulnerability in the admin interface that allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Root cause details are not further described in the provided documents beyond the XSS in the admin...
CVE-2012-4234
Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...
CVE-2012-4234
CVE-2012-4234 is an XSS vulnerability in Phorum prior to 5.2.19, exploitable via the group parameter in control.php. The root cause is insufficient sanitization of the group input, allowing arbitrary HTML/JavaScript to be returned to users. Public advisories (HTB23109) confirm the issue and indic...
CVE-2012-4234
Cross-site scripting XSS vulnerability in the group moderation screen in the control center control.php in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter...
Phorum <= 5.2.11 Permanent Cross Site Scripting Vulnerabilities
No description provided by source. //----- Advisory Program : Phorum 5.2.11 and prior Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : CrashFr This Advisory : CrashFr //----- Application description Started in 1998, Phorum was the original PHP and...
Phorum 3.4 Email Subject Line Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7262/info It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line or other fields before sending an email to the...
m-phorum 0.3 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25394/info m-phorum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...