Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to...
6.5CVSS
7.3AI Score
0.023EPSS
Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed...
5.9AI Score
0.005EPSS
SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to...
8.5AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in forum/include/error/autherror.cfm in FuseTalk Basic, Standard, Enterprise, and ColdFusion allow remote attackers to inject arbitrary web script or HTML via the (1) FTVAR_LINKP and (2) FTVAR_URLP parameters to (a)...
5.8AI Score
0.009EPSS
SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap...
8.3AI Score
0.002EPSS
SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
7.9AI Score
0.002EPSS