Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown

CVE-2011-3392

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers to inject arbitrary web script or HTML via the real_name parameter.
0
0
Attacker Value
Unknown

CVE-2011-3382

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2011-3381

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2010-1629

Disclosure Date: May 19, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address.
0
0
Attacker Value
Unknown

CVE-2009-0488

Disclosure Date: February 09, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2008-1486

Disclosure Date: March 24, 2008 (last updated October 04, 2023)
SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
0
0
Attacker Value
Unknown

CVE-2007-0769

Disclosure Date: February 06, 2007 (last updated November 08, 2023)
Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that "The characters are escaped properly.
0
0