Quick.forum Security Vulnerabilities and Issues — Quick.forum CVE List

Lucene search

Open SolutionQuick.forum

3 matches found

CVE•added 2005/05/14 4:0 a.m.•32 views

CVE-2005-1584

Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action.

4.3CVSS6AI score0.00444EPSS

CVE•added 2005/05/14 4:0 a.m.•30 views

CVE-2005-1585

Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) iCategory or (2) page parameter to index.php, or (3) iCategory parameter in the query string to the forum directory.

7.5CVSS8.9AI score0.00584EPSS

CVE•added 2005/05/14 4:0 a.m.•26 views

CVE-2005-1586

Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, (2) db/banList.txt, (3) db/censureWords.txt,...

5CVSS6.7AI score0.00457EPSS