18 matches found
Cross-site Scripting (XSS)
Overview: YAFNET.Core is an Open Source Forum solution! The YAF.NET project is an international collaboration of like-minded, skilled, and creative individuals who are striving to make YAF.NET the most robust and malleable forum solution available. Affected versions of this package are vulnerable...
Code-Projects Simple IT Discussion Forum SQL Injection Vulnerability
Code-Projects Simple IT Discussion Forum is a simple forum developed by Code-Projects as open source. Version 1.0 of the code-projects Simple IT Discussion Forum has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter catid in the file...
Flatboard Pro Cross-Site Scripting Vulnerability
Flatboard Pro is an open source forum system by Flatboard. A cross-site scripting vulnerability exists in Flatboard Pro versions prior to 3.2.2, which stems from insufficient validation of the replace parameter input in config.php, and could lead to a stored cross-site scripting attack...
CVE-2025-27794
Flarum is open-source forum software. A session hijacking vulnerability exists in versions prior to 1.8.10 when an attacker-controlled authoritative subdomain under a parent domain e.g., subdomain.host.com sets cookies scoped to the parent domain .host.com. This allows session token replacement f...
Discourse Code Issue Vulnerability
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse suffers from a code issue vulnerability that stems from the lack of cross-site request forgery protection...
Flarum Cross-Site Scripting Vulnerability
Flarum and others are products of the Flarum community. Flarum is an open source forum system. Flarum has a cross-site scripting vulnerability that can be exploited by attackers to inject HTML code...
Flarum Cross-Site Scripting Vulnerability
Flarum and others are products of the Flarum community. Flarum is an open source forum system. Flarum has a cross-site scripting vulnerability that can be exploited by attackers to inject HTML code...
FUDForum cross-site scripting vulnerability (CNVD-2021-22864)
FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. A cross-site scripting vulnerability exists in FUDForum 3.1.0. An attacker can exploit this vulnerability to inject JavaScript via the author parameter in index.php...
FUDForum cross-site scripting vulnerability (CNVD-2021-22862)
FUDforum is an open source forum system built on PHP+MySQL/PostgreSQL. A cross-site scripting vulnerability exists in FUDForum 3.1.0. An attacker can exploit this vulnerability to inject JavaScript via the srch parameter in index.php...
FluxBB Denial of Service Vulnerability
FluxBB is an open source forum application. A denial of service vulnerability exists in FluxBB 1.5.11. The vulnerability can be exploited to cause a denial of service by sending a very long password via the user login form to exhaust CPU and memory resources on the server...
MyBB Cross-Site Scripting Vulnerability (CNVD-2021-12661)
MyBB is a free open source forum software. A stored cross-site scripting vulnerability exists in MyBB versions prior to 1.8.25. An attacker can exploit this vulnerability by nesting email MyCode tags to conduct cross-site scripting attacks...
Directory Traversal Vulnerability in Cruising Cloud Light Forum System
Cruising Cloud Light Forum System is an open source web application based on a Java + MySQL architecture, including forum and Q&A modules. Cruising Cloud Light Forum System has a directory traversal vulnerability that can be exploited by an attacker to view the server file system structure and file conte...
Xiuno BBS code issue vulnerability
Xiuno BBS is an open source forum program based on PHP and MySQL. A code issue vulnerability exists in Xiuno BBS version 4.0. The vulnerability stems from improper design or implementation during the code development process of a web system or product. No detailed vulnerability details ar...
MyBB SQL Injection Vulnerability (CNVD-2016-08094)
MyBB is a powerful, efficient open source forum system built on PHP and MySQL. MyBB has a SQL injection vulnerability that allows attackers to obtain sensitive database information...
startbbs open source forum: stored XSS allows blind attacks on the administrator
Brief description: as in the title. Detailed description: The two stored XSS issues I posted earlier may not have been that harmful, but this time the stored XSS is in the post body, and it triggers as soon as the post is visited. Cause of the vulnerability: the filtering rules are not strict and can be bypassed. Taking the official site as an example: publish a post, with anything for the title. Enter the following code in the body: Save it: Proof of vulnerability: Visit the post: For specific exploitation, see example 2...
vBulletin 4.0.2 XSS vulnerability
vBulletin is an open source PHP forum program. When searchtype is set to 1, vBulletin does not correctly filter input submitted to the search.php page, and the query parameters are returned to the user. A remote attacker can submit a request with malicious parameters to perform cross-site...
deluxeBB Detection
This host is running deluxeBB, a widely installed Open Source forum solution. OpenVAS Vulnerability Test $Id: deluxeBBdetect.nasl 5721 2017-03-24 14:42:01Z cfi $ deluxeBB Detection Authors: Michael Meyer Copyright: Copyright (c) 2009 Greenbone Networks GmbH This program is free software; you can...
phpBB Forum Detection (HTTP)
HTTP based detection of phpBB. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.100033");...