5 matches found
CVE-2006-3332
SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbitrary SQL commands via the 1 offset, 2 tid, 3 fromid, 4 sortby, 5 fromfrommethod, and 6 fromfromlist parameters...
CVE-2006-3333
The CVE-2006-3333 entry describes a Cross-site Scripting (XSS) vulnerability in Zorum Forum 3.5, specifically in index.php. The flaw allows remote attackers to inject web script or HTML through multiple unspecified parameters (notably frommethod, list, and method) which are reflected in an error ...
CVE-2006-3332
SQL injection vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to execute arbitrary SQL commands via the 1 offset, 2 tid, 3 fromid, 4 sortby, 5 fromfrommethod, and 6 fromfromlist parameters...
Zorum Forum 3.5 (rollid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ===================================================== Zorum Forum 3.5 rollid Remote SQL Injection Exploit ===================================================== !/usr/bin/perl use LWP::UserAgent;...
Zorum Forum 3.5 "rollid" SQL inj. vuln.
Zorum Forum 3.5 "rollid" SQL inj. vuln. Vuln. dicovered by : r0t Date: 26 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/zorum-forum-35-rollid-sql-inj-vuln.html Vendor:http://zorum.phpoutsourcing.com/index.php affected version: 3.5 and prior Vuln. Description: Input passed to the...