Fudforum@2.0.2 Security Vulnerabilities and Issues — Fudforum@2.0.2 CVE List

Lucene search

Ilia AlshanetskyFudforum2.0.2

4 matches found

CVE•added 2003/04/11 4:0 a.m.•39 views

CVE-2002-1421

SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.

7.5CVSS8.3AI score0.00734EPSS

CVE•added 2003/04/11 4:0 a.m.•33 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.

5CVSS7.1AI score0.06338EPSS

CVE•added 2013/08/16 5:55 p.m.•32 views

CVE-2013-5309

Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from ...

2.6CVSS5.8AI score0.00296EPSS

CVE•added 2003/04/11 4:0 a.m.•31 views

CVE-2002-1423

tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter.

5CVSS7.1AI score0.07579EPSS