Fudforum@2.6.15 Security Vulnerabilities and Issues — Fudforum@2.6.15 CVE List

Lucene search

Ilia AlshanetskyFudforum2.6.15

3 matches found

CVE•added 2005/08/17 4:0 a.m.•47 views

CVE-2005-2600

FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.

5CVSS6.1AI score0.00596EPSS

CVE•added 2005/09/02 11:3 p.m.•45 views

CVE-2005-2781

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

7.5CVSS7.3AI score0.01269EPSS

CVE•added 2013/08/16 5:55 p.m.•32 views

CVE-2013-5309

Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from ...

2.6CVSS5.8AI score0.00296EPSS