Lucene search
K

147 matches found

Cvelist
Cvelist
added 2008/10/27 7:0 p.m.25 views

CVE-2008-4754

SQL injection vulnerability in forum.php in Scripts for Sites SFS Ez Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...

8.4AI score0.03129EPSS
Exploits1References6
CVE
CVE
added 2008/10/27 7:0 p.m.45 views

CVE-2008-4754

The CVE-2008-4754 issue affects Scripts for Sites (SFS) Ez Forum, where the SQL injection flaw is in forum.php via the forum parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands, leading to potential data exposure or modification. The NVD entry lists a CVSS v2 ba...

5.8CVSS8.4AI score0.03129EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2008/07/05 12:0 a.m.42 views

1024 CMS <= 1.4.4 Multiple Remote/Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/...

7.1AI score
Exploits0
Prion
Prion
added 2008/05/14 6:20 p.m.10 views

Directory traversal

Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the settingslocale parameter to 1 forum.php and 2 profile.php in infusions/ranksystem/. NOTE: the provenance of this information i...

6.8CVSS7.6AI score0.01855EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/05/14 6:0 p.m.18 views

CVE-2008-2227

Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the settingslocale parameter to 1 forum.php and 2 profile.php in infusions/ranksystem/. NOTE: the provenance of this information i...

7AI score0.01855EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/04/15 5:0 p.m.22 views

CVE-2008-1789

SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter...

8.4AI score0.00909EPSS
Exploits1References3
CVE
CVE
added 2008/04/15 5:0 p.m.39 views

CVE-2008-1789

CVE-2008-1789 affects Prozilla Forum (forum.php) and is caused by an SQL injection vulnerability in the forum parameter. The issue allows remote attackers to execute arbitrary SQL commands, per the description. Connected sources confirm the vulnerability details in Prozilla Forum, but no remediat...

6.8CVSS8.4AI score0.00909EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2008/04/08 12:0 a.m.15 views

Prozilla Forum Service (forum.php forum) SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ Prozilla Forum Service SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovered By:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/05 12:0 a.m.33 views

Easynet Forum Host - &#039;forum.php&#039; SQL Injection

--==+================================================================================+==-- --==+ Easynet Forum Host SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz & xprog Discovered On: 5 April...

7.4AI score
Exploits0
Prion
Prion
added 2008/02/01 8:0 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 open and 2 dateshow parameters...

4.3CVSS6.1AI score0.01445EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/02/01 8:0 p.m.11 views

CVE-2008-0541

Multiple cross-site scripting XSS vulnerabilities in forum.php in Gerd Tentler Simple Forum 3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 open and 2 dateshow parameters...

4.3CVSS5.8AI score0.01445EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2008/01/28 12:0 a.m.23 views

simple32-xss.txt

SIMPLE FORUM v 3.2 MULTIPLE VULNERABILITIES author : tomplixsee my email : [email protected] software : SIMPLE FORUM v3.2 download : http://www.gerd-tentler.de/tools/forum/ 1.XSS vulnerable code on forum.php " " ..... example: http://target/path/forum.php?open="/alertdocument.cookie...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/26 12:0 a.m.17 views

Simple Forum 3.2 (FD/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= Simple Forum 3.2 FD/XSS Multiple Remote Vulnerabilities ========================================================= SIMPLE FORUM v 3.2 MULTIPLE VULNERABILITIES author : tomplixsee...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/01/09 12:0 a.m.18 views

Tribisur 'forum.php'/'cat_main.php' SQL注入漏洞

BUGTRAQ ID: 27149 CNCAN ID:CNCAN-2008010812 Tribisur是一款基于PHP的WEB应用程序。 Tribisur不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'forum.php'和'catmain.php'脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Thomas PEREZ Tribisur 2.0 厂商解决方案 --------- 目前没有解决方案提供:...

6.9AI score
Exploits0
Prion
Prion
added 2008/01/08 7:46 p.m.14 views

Sql injection

Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to catmain.php and the 2 cat parameter to forum.php in a liste action...

7.5CVSS9.2AI score0.0101EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/01/08 7:0 p.m.16 views

CVE-2008-0133

Multiple SQL injection vulnerabilities in Tribisur 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to catmain.php and the 2 cat parameter to forum.php in a liste action...

8.5AI score0.0101EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2007/12/29 12:0 a.m.37 views

jPORTAL 2.3.1 &amp; UserPatch - &#039;forum.php&#039; Remote Code Execution

 $host = $argv1; $path = $argv2; $phpcode = $argv3; $info = "\n\n". " jPORTAL 2.3.1 & UserPatch forum.php Remote PHP Code Execution Exploit\n". "\n". " author: irk4zatyahoo.pl\n". " http://irk4z.wordpress.com\n". "\n". "\n". " greetz: str0ke, wacky, polish under :\n"...

7AI score
Exploits0
Prion
Prion
added 2007/11/05 7:46 p.m.10 views

Directory traversal

Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a .. dot dot in the username parameter in a Register action...

7.5CVSS7.3AI score0.02641EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/11/05 7:0 p.m.32 views

CVE-2007-5822

The CVE-2007-5822 entry affects Ben Ng Scribe 0.2 and earlier, where a flaw in forum.php allows direct static code injection. An attacker can leverage the username parameter in the Register action to cause remote PHP code to be written into a file under regged/. The root cause appears to be impro...

7.5CVSS7.4AI score0.03311EPSS
Exploits0References8Affected Software1
seebug.org
seebug.org
added 2007/10/06 12:0 a.m.18 views

lustig.cms Forum.PHP远程文件包含漏洞

lustig.cms是一款基于PHP的WEB应用程序。 lustig.cms不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是由于'Forum.PHP'脚本对用户提交的'view'参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以以WEB权限执行任意命令。 lustig.cms 2.5 beta 目前没有解决方案提供: http://lustig.cwsurf.de/cms/ http://www.example.com/forum/forum.php?view=Shell...

7.1AI score
Exploits0
Rows per page
Query Builder