Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.
7.4AI Score
0.014EPSS
Cross-site scripting (XSS) vulnerability in search.php in phpFK PHP Forum ohne 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
5.8AI Score
0.002EPSS
phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter.
7.4CVSS
6AI Score
0.001EPSS