Pforum@* Security Vulnerabilities and Issues — Pforum@* CVE List

Lucene search

PowiePforum*

2 matches found

CVE•added 2006/11/22 12:7 a.m.•26 views

CVE-2006-6038

SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.9AI score0.00922EPSS

CVE•added 2003/04/02 5:0 a.m.•25 views

CVE-2002-0287

pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.

10CVSS8.6AI score0.0069EPSS