VYPR

Xm Forum

by Asp Dev

CVEs (3)

  • CVE-2012-4060Jul 25, 2012
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.

  • CVE-2005-4256Dec 15, 2005
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forum_title parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition,…

  • CVE-2005-1008May 2, 2005
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag.