VYPR

Forum

by Prozilla

CVEs (8)

  • CVE-2002-0959Oct 4, 2002
    risk 0.04cvss epss 0.07

    Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script.

  • CVE-2008-1789Apr 15, 2008
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in forum.php in Prozilla Forum allows remote attackers to execute arbitrary SQL commands via the forum parameter.

  • CVE-2007-3267Jun 19, 2007
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235.

  • CVE-2007-3235Jun 15, 2007
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.

  • CVE-2005-3394Nov 1, 2005
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) channel parameter in the topics module and (2) topic parameter in the posting module.

  • CVE-2003-0590Aug 18, 2003
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.

  • CVE-2003-0483Aug 7, 2003
    risk 0.03cvss epss 0.04

    Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php.

  • CVE-2006-0124Jan 9, 2006
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field.