6 matches found
EUVD-2004-1710
Malware in sbrugna...
CVE-2004-1716
Cross-site scripting XSS vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the 1 IRC Server or 2 AIM ID fields in the user profile...
CVE-2002-0319
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username...
CVE-2002-0287
pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default...
CVE-2002-0319
Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies from other users via Javascript in a username...
pforum: mysql-injection-bug
ppp-design has found a mysql-injection-bug in pforum: Details ------- Product: pforum Version: 1.14 and maybe all versions before OS affected: all OS with php and mysql Vendor-URL: www.powie.de Vendor-Status: informed, workaround available Security-Risk: Medium-High Remote-Exploit: Yes Introducti...