VYPR

Dmx Forum

by Dmx Forum

CVEs (4)

  • CVE-2006-2946Jun 12, 2006
    risk 0.03cvss epss 0.03

    Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.

  • CVE-2006-2947Jun 12, 2006
    risk 0.03cvss epss 0.03

    Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter.

  • CVE-2003-1406Dec 31, 2003
    risk 0.03cvss epss 0.03

    PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.

  • CVE-2005-0660May 2, 2005
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.