CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cross-site scripting XSS vulnerability in ZoneO-soft freeForum 1.7 allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter to 1 the default URI or 2 index.php, or 3 the PATHINFO to index.php. NOTE: the provenance of this information is unknown; the details are...

4.3CVSS5.6AI score0.0029EPSS

Exploits1References4

Prion•added 2008/08/10 8:41 p.m.•10 views

Cross site scripting

4.3CVSS6AI score0.0029EPSS

Exploits1References4Affected Software1

Cvelist•added 2008/08/10 8:0 p.m.•12 views

CVE-2008-3566

5.6AI score0.0029EPSS

Exploits1References4

CVE•added 2008/08/10 8:0 p.m.•34 views

CVE-2008-3566

CVE-2008-3566 describes a cross-site scripting (XSS) vulnerability in ZoneO-soft freeForum 1.7. The issue allows remote attackers to inject arbitrary web script or HTML via the acuparam parameter to (1) the default URI, (2) index.php, or (3) the PATH_INFO to index.php. The available documents con...

4.3CVSS5.6AI score0.0029EPSS

Exploits1References4Affected Software1

Packet Storm•added 2006/03/11 12:0 a.m.•34 views

EV0089.txt

New eVuln Advisory: FreeForum PHP Code Execution & Multiple XSS Vulnerabilities http://evuln.com/vulns/89/summary.html --------------------Summary---------------- eVuln ID: EV0089 CVE: CVE-2006-0957 CVE-2006-0958 Vendor: ZoneO-Soft Vendor's Web Site: http://soft.zoneo.net/ Software: FreeForum...

7.5CVSS6.6AI score0.012EPSS

Exploits1

securityvulns•added 2006/03/10 12:0 a.m.•28 views

[eVuln] FreeForum PHP Code Execution & Multiple XSS Vulnerabilities

7.5CVSS0.7AI score0.012EPSS

Exploits1

NVD•added 2006/03/02 11:2 p.m.•11 views

CVE-2006-0958

Cross-site scripting XSS vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 subject parameters...

4.3CVSS5.7AI score0.00572EPSS

Exploits1References7

NVD•added 2006/03/02 11:2 p.m.•11 views

CVE-2006-0957

Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the 1 X-Forwarded-For and 2 Client-Ip HTTP headers, which are stored in Data/flood.db.php...

7.5CVSS7.6AI score0.012EPSS

Exploits1References6

Prion•added 2006/03/02 11:2 p.m.•8 views

Cross site scripting

Cross-site scripting XSS vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 subject parameters...

4.3CVSS6.2AI score0.00572EPSS

Exploits1References7Affected Software1

CVE•added 2006/03/02 11:0 p.m.•48 views

CVE-2006-0957

CVE-2006-0957 affects ZoneO-Soft FreeForum (before 1.2.1). A direct static code injection vulnerability exists in func.inc.php where HTTP headers X-Forwarded-For and Client-Ip are written to Data/flood.db.php, enabling remote attackers to inject and execute arbitrary PHP code. The vulnerability a...

7.5CVSS7.6AI score0.012EPSS

Exploits1References6Affected Software1

CVE•added 2006/03/02 11:0 p.m.•39 views

CVE-2006-0958

FreeForum by ZoneO-Soft (vendor: ZoneO-Soft) prior to version 1.2.1 is affected. CVE-2006-0958 stems from unsanitized inputs in func.inc.php, allowing cross-site scripting via the name and subject parameters. Related linked advisory EV0089 also describes a PHP code execution path through unvalida...

4.3CVSS5.7AI score0.00572EPSS

Exploits1References7Affected Software1

Cvelist•added 2006/03/02 11:0 p.m.•13 views

CVE-2006-0958

Cross-site scripting XSS vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the 1 name and 2 subject parameters...

5.7AI score0.00572EPSS

Exploits1References7

Cvelist•added 2006/03/02 11:0 p.m.•19 views

CVE-2006-0957

7.6AI score0.012EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by