Cross site scripting

Cross-site scripting XSS vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

Directory traversal

Multiple directory traversal vulnerabilities in phpCommunity 2 2.1.8 allow remote attackers to read arbitrary files via a .. dot dot in the 1 file parameter to module/admin/files/showfile.php and the 2 path parameter to module/admin/files/showsource.php...

CVE-2009-4885

CVE-2009-4885 is a Cross-site Scripting (XSS) vulnerability in phpCommunity 2, version 2.1.8, affecting templates/1/login.php. An attacker can inject arbitrary script/HTML via the msg parameter. CVSS v2 base score: 4.3 (Medium); impact is limited to partial integrity due to user-supplied content,...

phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal / XSS)

Salvatore "drosophila" Fresta + Application: phpCommunity 2 + Version: 2.1.8 + Website: http://sourceforge.net/projects/phpcommunity2/ + Bugs: A Multiple SQL Injection B Directory Traversal C Reflected XSS + Exploitation: Remote + Date: 07 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta +...