39 matches found
EUVD-2006-2864
Malware in sbrugna...
EUVD-2005-0858
Malware in sbrugna...
EUVD-2002-1498
Malware in sbrugna...
EUVD-2005-0856
Malware in sbrugna...
EUVD-2005-0859
Malware in sbrugna...
CoolForum 0.5/0.7/0.8 avatar.php img Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/12852/info Multiple remote input validation vulnerabilities affect CoolForum. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical...
CoolForum 0.5/0.7/0.8 register.php login Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/12852/info Multiple remote input validation vulnerabilities affect CoolForum. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical...
CoolForum 0.x Editpost.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18268/info CoolForum is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...
CVE-2006-2867
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...
SQL injection
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...
CVE-2006-2867
CVE-2006-2867 is a SQL injection flaw in editpost.php of CoolForum 0.8.3 beta and earlier. The vulnerability allows remote attackers to inject SQL via the post parameter, potentially enabling arbitrary SQL execution. Documents consistently identify this as the affected component and vulnerability...
CoolForum 0.x - editpost.php SQL Injection
CoolForum 0.x - editpost.php SQL Injection source: https://www.securityfocus.com/bid/18268/info CoolForum is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
coolforum083.txt
Type: SQL Injection Risk: Critical Product: CoolForum query"SELECT idforum,idmembre,parent FROM ".$PRE."posts WHERE idpost=".$idpost; $j = mysqlfetcharray$query; -- Proof Of Concept http://.../editpost.php?forumid=1&post=3 UNION SELECT userid,login,password FROM cfuser INTO OUTFILE...
CoolForum 0.x - 'editpost.php' SQL Injection
source: https://www.securityfocus.com/bid/18268/info CoolForum is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Critical SQL Injection in CoolForum
Type: SQL Injection Risk: Critical Product: CoolForum = 0.8.3 beta Vulnerability // File: editpost.php // Line 38 // ifisset$REQUEST'post' $post = intval$REQUEST'post'; else $post = 0; -- // Line 77 // $canedit = getrightedit$REQUEST'post',$REQUEST'forumid'; -- // File: admin/functions.php // Lin...
CVE-2005-0857
Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the img parameter...
CVE-2005-0855
CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via direct requests to (1) entete.php, (2) profileaccueil.php, (3) profilemdp.php, (4) profilenotify.php, (5) profileoptions.php, (6) profileperso.php, (7) profilepm.php, or (8) readannonce.php, which leaks the full...
CVE-2005-0856
CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability...
CVE-2005-0858
Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php...