CVE-2019-25642

Bootstrapy CMS is affected by multiple SQL injection vulnerabilities that enable unauthenticated attackers to execute arbitrary SQL via POST parameters. Specifically, the thread_id parameter in forum-thread.php, the subject parameter in contact-submit.php, the post-id parameter in post-new-submit...

CVE-2019-25642 Bootstrapy CMS Lastest Multiple SQL Injection via Forum and Contact Modules

Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters. Attackers can inject SQL payloads into the threadid parameter of forum-thread.php, the subject parameter of...

Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Versions 5.0.0 to 5.0.6 of Admidio have security vulnerabilities. These vulnerabilities stem...

CVE-2025-31342

An unrestricted upload of file with dangerous type vulnerability in the upload file function of Galaxy Software Services Corporation Vitals ESP Forum Module through 1.3 version allows remote authenticated users to execute arbitrary system commands via a malicious file...

EUVD-2010-1619

Malware in sbrugna...

EUVD-2006-0856

Malware in sbrugna...

EUVD-2009-2351

Malware in sbrugna...

EUVD-2008-4337

Malware in sbrugna...

EUVD-2008-0365

Malware in sbrugna...

EUVD-2005-2339

Malware in sbrugna...

EUVD-2003-1360

Malware in sbrugna...

EUVD-2011-5129

Malware in sbrugna...

EUVD-2007-4155

Malware in sbrugna...

EUVD-2005-3435

Malware in sbrugna...

EUVD-2009-2398

Malware in sbrugna...

CVE-2023-24763

In the module "Xen Forum" xenforum for PrestaShop, an authenticated user can perform SQL injection in versions up to 2.13.0...

GHSA-W8FQ-XGVH-CXC2 Silverstripe Forum Module CSRF Vulnerability

A number of form actions in the Forum module are directly accessible. A malicious user e.g. spammer can use GET requests to create Members and post to forums, bypassing CSRF and anti-spam measures. Additionally, a forum moderator could be tricked into clicking a specially crafted URL, resulting i...

PT-2024-40494 · Unknown · Forum Module

Name of the Vulnerable Software and Affected Versions: Forum module affected versions not specified Description: The issue allows malicious users, such as spammers, to create members and post to forums using GET requests, bypassing CSRF and anti-spam measures. Additionally, a forum moderator can ...

SilverStripe vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via 1 the CommenterURL parameter to PostCommentForm, and in the Forum module before 0.2.5 in SilverStripe before 2.3.5 allow remote attackers to inject...

Moodle allows attackers to obtain sensitive information

The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...