CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

200 matches found

Positive Technologies•added 2026/03/09 12:0 a.m.•1 views

PT-2026-24146

Name of the Vulnerable Software and Affected Versions Flarum affected versions not specified Description The Flarum forum software, when used with the flarum/nicknames extension, allows a registered user to set a nickname that email clients may interpret as a hyperlink. This nickname is directly...

4.6CVSS5.8AI score0.00039EPSS

Exploits0References7

RedhatCVE•added 2026/01/09 11:58 a.m.•4 views

CVE-2018-19133

In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address...

5.3CVSS6.8AI score0.00194EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:39 a.m.•5 views

CVE-2022-35921

fof/byobu is a private discussions extension for Flarum forum. Affected versions were found to not respect private discussion disablement by users. Users of Byobu should update the extension to version 1.1.7, where this has been patched. Users of Byobu with Flarum 1.0 or 1.1 should upgrade to...

4.3CVSS6.9AI score0.00168EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:56 a.m.•5 views

CVE-2023-40033

Flarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery SSRF attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofi...

7.1CVSS6.8AI score0.00195EPSS

Exploits0References1

Snyk•added 2025/12/11 10:7 p.m.•2 views

PHP Remote File Inclusion

Overview fof/pretty-mail is a Create HTML email for Flarum Affected versions of this package are vulnerable to PHP Remote File Inclusion via the email template processing. An attacker can access arbitrary files on the server by injecting file inclusion payloads into the template configuration...

6.9CVSS6.9AI score0.00062EPSS

Exploits0References2

CNNVD•added 2025/12/11 12:0 a.m.•2 views

Pretty Mail by FriendsOfFlarum 安全漏洞

Pretty Mail by FriendsOfFlarum is an open source tool from Friends of Flarum that allows you to make custom html templates for emails. A security vulnerability exists in Pretty Mail by FriendsOfFlarum version 1.1.2, which stems from a server-side template injection in an email template that could...

8.6CVSS6.9AI score0.00024EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-4706

Malware in sbrugna...

8.8CVSS8.8AI score0.00196EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-1271

Malware in sbrugna...

10CVSS8.8AI score0.00758EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-0503

Malware in sbrugna...

5.4CVSS5.4AI score0.00347EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-2223