19 matches found
EUVD-2009-3785
Malware in sbrugna...
EUVD-2004-2746
Malware in sbrugna...
EUVD-2005-4302
Malware in sbrugna...
Simple forum forum1.php file SQL Injection Vulnerability
Simple forum is a simple forum. Simple forum suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter File in the file /forum1.php. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...
CVE-2004-2756
Cross-site scripting XSS vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the 1 forum and 2 topicid parameters...
CVE-2023-31800
Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter...
Dokeos 'forum' and 'origin' cross-site scripting vulnerabilities
Dokeos is an open source online education and course management system . The system supports file uploading , courseware production , notification and other teaching support functions. Dokeos 1.8.4 and previous versions of cross-site scripting vulnerabilities , the vulnerability stems from...
Sql injection
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...
CVE-2009-3813
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the 1 forum parameter to modules/forum/post.php and possibly 2 forumid variable to modules/forum/class/class.permissions.php...
CVE-2008-4754
SQL injection vulnerability in forum.php in Scripts for Sites SFS Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...
CVE-2008-4754
The CVE-2008-4754 issue affects Scripts for Sites (SFS) Ez Forum, where the SQL injection flaw is in forum.php via the forum parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, leading to potential data exposure or modification. The NVD entry lists a CVSS v2 ba...
CVE-2008-2965
Cross-site scripting XSS vulnerability in viewforum.php in JaxUltraBB JUBB 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter...
CVE-2008-2965
Cross-site scripting XSS vulnerability in viewforum.php in JaxUltraBB JUBB 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter...
Sql injection
SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...
CVE-2006-3096
CVE-2006-3096: Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL via user-controlled input in (1) the forum parameter in messagepost.cfm and (2) the topic parameter in topics.cfm. Root cause described as improper handling of inp...
CVE-2005-4307
Cross-site scripting XSS vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to 1 forum.cgi and 2 post.cgi, or 3 the user parameter to profile.cgi...
CVE-2005-3585
SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter...
CVE-2005-3584
CVE-2005-3584 is a cross-site scripting (XSS) vulnerability in PhpWebThings 1.4.4, exploitable through forum.php via the forum parameter. The underlying issue is insufficient input sanitization for that parameter, enabling remote attackers to inject arbitrary web script or HTML. The connected doc...
CVE-2005-3585
SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter...