Vulnerabilities > Fahlstad
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-12-18 | CVE-2009-3703 | SQL Injection vulnerability in Fahlstad Wp-Forum Multiple SQL injection vulnerabilities in the WP-Forum plugin before 2.4 for WordPress allow remote attackers to execute arbitrary SQL commands via (1) the search_max parameter in a search action to the default URI, related to wpf.class.php; (2) the forum parameter to an unspecified component, related to wpf.class.php; (3) the topic parameter in a viewforum action to the default URI, related to the remove_topic function in wpf.class.php; or the id parameter in a (4) editpost or (5) viewtopic action to the default URI, related to wpf-post.php. | 7.5 |
2009-03-19 | CVE-2009-0968 | SQL Injection vulnerability in Fahlstad Fmoblog Plugin 2.1 SQL injection vulnerability in fmoblog.php in the fMoblog plugin 2.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. | 7.5 |