Show filters
59 Total Results
Displaying 1-10 of 59
Sort by:
Attacker Value
Unknown

CVE-2011-3622

Disclosure Date: January 22, 2020 (last updated February 21, 2025)
A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2012-6659

Disclosure Date: September 19, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
0
0
Attacker Value
Unknown

CVE-2012-4234

Disclosure Date: September 04, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via the group parameter.
0
0
Attacker Value
Unknown

CVE-2011-4561

Disclosure Date: November 28, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php. NOTE: some of these details are obtained from third party information.
0
0
Attacker Value
Unknown

CVE-2011-3768

Disclosure Date: September 24, 2011 (last updated October 04, 2023)
Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php and certain other files.
0
0
Attacker Value
Unknown

CVE-2011-3392

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers to inject arbitrary web script or HTML via the real_name parameter.
0
0
Attacker Value
Unknown

CVE-2011-3382

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2011-3381

Disclosure Date: September 08, 2011 (last updated October 04, 2023)
Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2010-1629

Disclosure Date: May 19, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address.
0
0
Attacker Value
Unknown

CVE-2009-0488

Disclosure Date: February 09, 2009 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
View More Topics  Next >