Vulnerabilities > Efkan Forum

DATE CVE VULNERABILITY TITLE RISK
2006-12-31 CVE-2006-6829 Information Disclosure vulnerability in Efkan Forum
Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum.mdb.
network
low complexity
efkan-forum
7.8
2006-12-31 CVE-2006-6828 SQL-Injection vulnerability in Efkan Forum
Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp.
network
low complexity
efkan-forum
7.5
2006-12-28 CVE-2006-6794 SQL Injection vulnerability in Efkan Forum Efkan Forum 1.0
SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the grup parameter.
network
low complexity
efkan-forum
7.5