Vulnerabilities > Codologic > Codoforum
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-05 | CVE-2020-5306 | Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3 Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content. | 4.8 |
| 2020-01-05 | CVE-2020-5305 | Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3 Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen. | 3.5 |
| 2015-03-23 | CVE-2014-9261 | Path Traversal vulnerability in Codologic Codoforum 2.5.1 The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. | 5.0 |