VYPR

D Forum

by Adalis Infomatique

CVEs (2)

  • CVE-2003-1406Dec 31, 2003
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.

  • CVE-2005-0660May 2, 2005
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.