2 matches found
CVE-2008-0541
CVE-2008-0541 affects Gerd Tentler Simple Forum 3.2. The vulnerability is a cross-site scripting (XSS) in forum.php, exploitable via the open and date_show parameters. Remote attackers can inject arbitrary scripts/HTML, leading to potential session or credential compromise on affected installatio...
CVE-2008-0542
The CVE-2008-0542 entry concerns a directory traversal vulnerability in thumbnail.php of Gerd Tentler Simple Forum 3.2. The underlying issue is path traversal via a .. in the file parameter, allowing remote attackers to read arbitrary files. Affected software is Simple Forum 3.2; the exact root c...