2 matches found
CVE-2017-18364
CVE-2017-18364 concerns phpFK lite and is a reflected cross-site scripting (XSS) vulnerability. The affected components are the web interface files faq.php, members.php, search.php (via query strings) and user.php (via the user parameter). The underlying issue is that user-supplied input in these...
CVE-2009-2112
The CVE-2009-2112 entry concerns phpFK version 7.03, where a directory traversal flaw in include/page_bottom.php allows a remote attacker to include and execute arbitrary local files through special values in the _FORUM[settings_design_style] parameter. Reported as a directory traversal vulnerabi...