2 matches found
CVE-2009-4884
phpCommunity 2.1.8 contains multiple SQL injection vulnerabilities exploitable remotely via index.php parameters (forum_id, topic_id, wert in id/nick/forum search actions). Related to class_forum.php and class_search.php. OpenVAS notes multiple input-validation issues; CVSS base 6.8 (medium). Imp...
phpCommunity2 Multiple Remote Input Validation Vulnerabilities
phpCommunity2 is prone to multiple input-validation vulnerabilities, including multiple directory-traversal issues and SQL-injection issues, and a cross-site scripting issue. Exploiting these issues could allow an attacker to view arbitrary local files within the context of the webserver, steal...