Vulnerabilities > Efkan Forum
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-31 | CVE-2006-6829 | Information Disclosure vulnerability in Efkan Forum Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum.mdb. | 7.8 |
2006-12-31 | CVE-2006-6828 | SQL-Injection vulnerability in Efkan Forum Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp. | 7.5 |
2006-12-28 | CVE-2006-6794 | SQL Injection vulnerability in Efkan Forum Efkan Forum 1.0 SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the grup parameter. | 7.5 |