Lucene search
+L

79 matches found

NVD
NVD
added 2005/08/23 4:0 a.m.13 views

CVE-2005-2652

Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to 1 gorum/notification.php, 2 user.php, 3 attach.php, 4 blacklist.php, 5 zorum/forum.php, 6 globalstat.php, 7 gorum/trace.php, 8 gorum/badwords.php, or 9 gorum/flood.php...

5CVSS6.7AI score0.0155EPSS
Exploits1References4
NVD
NVD
added 2005/08/23 4:0 a.m.18 views

CVE-2005-2651

gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter...

7.5CVSS7.6AI score0.05074EPSS
Exploits7References6
Cvelist
Cvelist
added 2005/08/21 4:0 a.m.24 views

CVE-2005-2651

gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter...

7.6AI score0.05074EPSS
Exploits7References6
Cvelist
Cvelist
added 2005/08/21 4:0 a.m.18 views

CVE-2005-2652

Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to 1 gorum/notification.php, 2 user.php, 3 attach.php, 4 blacklist.php, 5 zorum/forum.php, 6 globalstat.php, 7 gorum/trace.php, 8 gorum/badwords.php, or 9 gorum/flood.php...

6.7AI score0.0155EPSS
Exploits1References4
CVE
CVE
added 2005/08/21 4:0 a.m.49 views

CVE-2005-2652

CVE-2005-2652 affects Zorum 3.5. The vulnerability permits remote attackers to obtain the full installation path by directly requesting any of these pages: gorum/notification.php, user.php, attach.php, blacklist.php, zorum/forum.php, globalstat.php, gorum/trace.php, gorum/badwords.php, or gorum/f...

5CVSS7AI score0.0155EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/08/21 4:0 a.m.53 views

CVE-2005-2651

CVE-2005-2651 affects Zorum 3.5: gorum/prod.php allows remote code execution via shell metacharacters in argv. Attacker-controlled input enables arbitrary commands; impact on confidentiality, integrity, and availability is noted as PARTIAL. The connected sources provide exploit-style details (e.g...

7.5CVSS7.5AI score0.05074EPSS
Exploits7References6Affected Software1
securityvulns
securityvulns
added 2005/08/19 12:0 a.m.78 views

Zorum 3.5 remote code execution poc exploit

Zorum 3.5 remote code execution poc exploit software: description: Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. author site: http://zorum.phpoutsourcing.com/ 1...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2005/08/18 12:0 a.m.15 views

PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution

PHPOutsourcing Zorum 3.5 - Prod.php Arbitrary Command Execution source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitat...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/18 12:0 a.m.25 views

PHPOutsourcing Zorum 3.5 - 'Prod.php' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access in the context of the Web server to...

7.4AI score
Exploits0
NVD
NVD
added 2005/05/04 4:0 a.m.20 views

CVE-2005-0676

index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability...

7.5CVSS7.3AI score0.01449EPSS
Exploits1References1
NVD
NVD
added 2005/05/02 4:0 a.m.17 views

CVE-2005-0675

Cross-site scripting XSS vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the 1 list or 2 frommethod parameters...

4.3CVSS5.7AI score0.00992EPSS
Exploits1References2
NVD
NVD
added 2005/05/02 4:0 a.m.14 views

CVE-2005-0677

index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter...

5CVSS6.7AI score0.01108EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/03/11 12:0 a.m.26 views

Zorum <= 3.5 Multiple Remote Vulnerabilities

The remote host is running Zorum, an open source electronic forum written in PHP. The version of Zorum installed on the remote host is prone to numerous flaws, including remote code execution, privilege escalation, and SQL injection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.5CVSS5.9AI score0.05074EPSS
Exploits11References10
exploitpack
exploitpack
added 2005/03/10 12:0 a.m.14 views

phpoutsourcing zorum 3.5 - Multiple Vulnerabilities

phpoutsourcing zorum 3.5 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/12777/info Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. Multiple...

7.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/10 12:0 a.m.15 views

Zorum < 3.6.0 Multiple Vulnerabilities

Binary data 2692.prm...

7.5CVSS7.3AI score0.05074EPSS
Exploits11References10
Exploit DB
Exploit DB
added 2005/03/10 12:0 a.m.21 views

phpoutsourcing zorum 3.5 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/12777/info Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. Multiple remote vulnerabilities affect Zorum. These issues are...

7.4AI score
Exploits0
CVE
CVE
added 2005/03/07 5:0 a.m.49 views

CVE-2005-0676

CVE-2005-0676 affects Zorum 3.5. The vulnerability is in index.php via the search capability, where remote attackers can trigger an SQL error and potentially inject arbitrary SQL commands. The provided documents confirm the affected software and the underlying issue is an SQL injection/error cond...

7.5CVSS7.4AI score0.01449EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2005/03/07 5:0 a.m.51 views

CVE-2003-1089

CVE-2003-1089 affects Zorum 3.4. The issue arises in index.php, where invalid parameter names trigger a PHP error message that reveals the full path to the web root. This path disclosure is the primary impact described in the available records; no exploitation steps or active exploit code are pro...

5CVSS7.2AI score0.0287EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2005/03/07 5:0 a.m.53 views

CVE-2005-0675

CVE-2005-0675 affects Zorum 3.5. A Cross-site scripting (XSS) vulnerability exists in index.php, exploitable via the list or frommethod parameters to inject arbitrary script/HTML. This is a remote, unauthenticated vector with impact limited to client-side script execution; no remediation details ...

4.3CVSS5.8AI score0.00992EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2005/03/07 5:0 a.m.56 views

CVE-2005-0677

CVE-2005-0677 affects Zorum 3.5 where the file index.php allows remote attackers to perform certain actions as other users by modifying the id parameter. The underlying issue is parameter manipulation that enables privilege escalation within the application, leading to actions executed with anoth...

5CVSS6.8AI score0.01108EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder