CVE-2005-2600

FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter...

CVE-2004-2639

Unspecified vulnerability in Journalness 3.0.7 and earlier allows remote attackers to create or modify posts via unknown attack vectors...

phpbbquoteflaw.txt

Affected Software: phpBB 2.x tested on 2.0.4 and 2.0.8, untested on later versions Vulnerability: flaw in code handling the quoting of posts. Severity: Low Discovered by: Matt Benenati +Details+ ========= This flaw could allow a malicious user to alter the alignment and layout of any posts in the...

GeekLog 1.3.x - HTML Injection

GeekLog 1.3.x - HTML Injection source: https://www.securityfocus.com/bid/8792/info Geeklog has been reported prone to multiple HTML Injection vulnerabilities. The issues have been reported to present themselves due to a lack of sufficient sanitization performed on data that is parsed from forum...

NPDS 4.8 - News Message HTML Injection

source: https://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains...