VYPR

Forums

by Zingiri

CVEs (4)

  • CVE-2012-5295Oct 4, 2012
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter.

  • CVE-2019-25442Feb 22, 2026
    risk 0.00cvss epss 0.00

    Web Wiz Forums 12.01 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the PF parameter. Attackers can send GET requests to member_profile.asp with malicious PF values to extract sensitive…

  • CVE-2023-53978Dec 22, 2025
    risk 0.00cvss epss 0.00

    myBB Forums 1.8.26 contains a stored cross-site scripting vulnerability in the forum announcement system that allows authenticated administrators to inject malicious scripts when creating announcements. Attackers can exploit this vulnerability by inserting script payloads in the…

  • CVE-2012-4920Apr 4, 2014
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter to index.php.