472 matches found
Phorum 5.0.11 Read.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14095/info Phoroum is prone to SQL injection attacks. Insufficient sanitization of user input may allow a malicious user to manipulate the structure and logic of database queries. Successful exploitation could allow the...
Phorum 3.x/5.0.x HTTP Response Splitting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12869/info A remote HTTP response splitting vulnerability reportedly affects Phorum. This issue is due to a failure of the application to properly sanitize user-supplied input. A remote attacker may exploit this...
Phorum 3.3.2 Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/4767/info Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems. The 'header.php' and 'footer.php' components of Phorum do not santize the client-supplied...
Phorum 3.3.2 a Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4763/info Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems. A vulnerability has been reported in Phorum that will allow remote attackers to specify...
Phorum 5.2 admin/banlist.php curr Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
Phorum 5.1.20 admin.php modsettings Module smiley_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...
Phorum 5.1.20 admin.php Groups Module Edit/Add Group Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/23616/info Phorum is prone to multiple input-validation vulnerabilities, including an unauthorized-access issue, privilege-escalation issue, multiple SQL-injection issues, and cross-site scripting issues, because the...
Phorum 3.4.x Phorum_URIAuth SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10173/info Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input. This issue may allow a remote attacker to...
Phorum 3.0.7 violation.php3 Arbitrary Email Relay Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2272/info Phorum is a freely available, open source package originally written by Brian Moon. The package is designed to add enhanced features to a web page, allowing users to interact through bulletin board style chats...
Phorum 3.0.7 auth.php3 Backdoor Vulnerabililty
No description provided by source. source: http://www.securityfocus.com/bid/2274/info Phorum is a freely available, open source, popular WWW Board written by Brian Moon. It is designed to enhance the services offered on a web page, allow users to interact with one another through bulletin board...
Phorum 5.2 admin/users.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
Cross-Site Scripting (XSS) in Phorum
Advisory ID: HTB23109 Product: Phorum Vendor: Phorum Team Vulnerable Versions: 5.2.18 and probably prior Tested Version: 5.2.18 Vendor Notification: August 8, 2012 Public Disclosure: August 29, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4234 CVSSv2 Base Score: 4....
Phorum 5.2.18 Cross Site Scripting
Advisory ID: HTB23109 Product: Phorum Vendor: Phorum Team Vulnerable Versions: 5.2.18 and probably prior Tested Version: 5.2.18 Vendor Notification: August 8, 2012 Public Disclosure: August 29, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4234 CVSSv2 Base Score: 4....
Phorum 5.2.18 Cross Site Scripting
Exploit for php platform in category web applications Product: Phorum Vendor: Phorum Team Vulnerable Versions: 5.2.18 and probably prior Tested Version: 5.2.18 Vendor Notification: August 8, 2012 Public Disclosure: August 29, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/55275/info Phorum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
Phorum 5.2.18 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/55275/info Phorum is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
Cross-Site Scripting (XSS) in Phorum
High-Tech Bridge Security Research Lab discovered vulnerability in Phorum, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Phorum: CVE-2012-4234 Input passed via the "group" GET parameter to /control.php is not properly sanitised before being...
Phorum 'admin.php' Cross-Site Scripting Vulnerability
This host is running Phorum and is prone to cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbphorumadminxssvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Phorum 'admin.php' Cross-Site Scripting Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...
Phorum <= 5.2.18 XSS Vulnerability - Active Check
Phorum is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phorum:phorum";...
CVE-2011-4561
Cross-site scripting XSS vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to admin/index.php. NOTE: some of these details are obtained from third party information...