Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/03/27 2:25 p.m.8 views

CVE-2021-27520

A cross-site scripting XSS issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter...

6.1CVSS5.8AI score0.06396EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.6 views

CVE-2019-18839

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

9CVSS6.8AI score0.05436EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-8540

Malware in sbrugna...

9CVSS8.9AI score0.05436EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-1405

Malware in sbrugna...

5CVSS6.4AI score0.0661EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52655

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.6 views

CVE-2022-28545

FUDforum 3.1.1 is vulnerable to Stored XSS...

5.4CVSS6.7AI score0.00444EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:51 p.m.7 views

CVE-2022-30863

FUDForum 3.1.2 is vulnerable to Cross Site Scripting XSS via pagetitle param in Page Manager in the Admin Control Panel...

4.8CVSS6AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:50 p.m.11 views

CVE-2022-30860

FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel...

7.2CVSS7.5AI score0.22985EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:49 p.m.8 views

CVE-2022-30861

FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature...

4.8CVSS5.6AI score0.00534EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:22 a.m.8 views

CVE-2019-18873

FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload...

9CVSS6.6AI score0.08154EPSS
Exploits6References1
Cvelist
Cvelist
added 2024/04/17 12:0 a.m.18 views

CVE-2024-30951

FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting XSS vulnerability via the chpos parameter at /adm/admsmiley.php...

6.1AI score0.00369EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.6 views

PT-2024-23688 · Fudforum · Fudforum

Name of the Vulnerable Software and Affected Versions: FUDforum version 3.1.3 Description: A reflected cross-site scripting XSS issue was discovered in FUDforum. The vulnerability is exploited via the chpos parameter at the "/adm/admsmiley.php" API endpoint. Recommendations: For FUDforum version...

6.1CVSS5.4AI score0.00369EPSS
Exploits1References10
Prion
Prion
added 2022/05/06 5:15 p.m.13 views

Cross site scripting

FUDforum 3.1.1 is vulnerable to Stored XSS...

3.5CVSS5.5AI score0.00444EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/02/18 12:0 a.m.9 views

The vulnerability of the FUDforum internet forum, related to the lack of measures taken to protect the website structure, allows a perpetrator to execute arbitrary code.

The vulnerability of the FUDforum internet forum is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor, operating remotely, to inject arbitrary code during the administrator’s email reading process. This code can then...

9CVSS5.8AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/03/22 12:0 a.m.7 views

FUDForum cross-site scripting vulnerability (CNVD-2021-22862)

FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. A cross-site scripting vulnerability exists in FUDForum 3.1.0. An attacker can exploit this vulnerability to inject JavaScript via the srch parameter in index.php...

6.1CVSS5.8AI score0.07604EPSS
Exploits4References1
Prion
Prion
added 2019/11/13 3:15 p.m.11 views

Design/Logic Flaw

FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. This may result in remote code execution. An attacker can use a user account to fully compromise the system using a POST request. When the admin visits the user information, the payload will execute. This will allow for PHP file...

8.5CVSS8.9AI score0.05436EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2019/11/12 2:15 a.m.12 views

Design/Logic Flaw

FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. This may result in remote code execution. An attacker can use a user account to fully compromise the system via a GET request. When the admin visits user information under "User Manager" in the control panel, the payload...

8.5CVSS8.9AI score0.08154EPSS
Exploits6References2Affected Software1
NVD
NVD
added 2003/04/11 4:0 a.m.11 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters...

5CVSS6.7AI score0.0661EPSS
Exploits1References4
CVE
CVE
added 2003/03/18 5:0 a.m.43 views

CVE-2002-1422

The CVE-2002-1422 issue affects FUDforum prior to 2.2.0. Vulnerable component: admbrowse.php. Root cause: the cur and dest parameters allow URL-encoded pathnames to be used in a way that enables remote attackers to create or delete files. Impact: file creation/deletion via the web interface, with...

5CVSS7.1AI score0.0661EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.20 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters...

6.7AI score0.0661EPSS
Exploits1References4
Rows per page
Query Builder