Vulnerabilities > Codologic > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-7051 | Cross-site Scripting vulnerability in Codologic Codoforum 2.5.1/4.8.3/4.8.4 Codologic Codoforum through 4.8.4 allows stored XSS in the login area. | 4.3 |
| 2020-01-07 | CVE-2020-5842 | Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3 Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=/user/register URI. | 6.1 |
| 2020-01-05 | CVE-2020-5306 | Cross-site Scripting vulnerability in Codologic Codoforum 4.8.3 Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content. | 4.8 |
| 2015-03-23 | CVE-2014-9261 | Path Traversal vulnerability in Codologic Codoforum 2.5.1 The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2014-03-19 | CVE-2013-5952 | Cross-Site Scripting vulnerability in Codologic COM Freichat 9.4 Multiple cross-site scripting (XSS) vulnerabilities in the Freichat (com_freichat) component, possibly 9.4 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) xhash parameter to client/chat.php or (3) toname parameter to client/plugins/upload/upload.php. | 4.3 |