Vulnerabilities > Fluxbb > Fluxbb > 1.5.5

DATE CVE VULNERABILITY TITLE RISK
2015-02-03 CVE-2014-9574 Path Traversal vulnerability in Fluxbb
Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a ..
network
fluxbb CWE-22
critical
9.3
2015-01-13 CVE-2014-10030 Remote Security vulnerability in FluxBB
Open redirect vulnerability in forums/login.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
network
fluxbb
5.8
2015-01-13 CVE-2014-10029 SQL Injection vulnerability in Fluxbb
SQL injection vulnerability in profile.php in FluxBB before 1.4.13 and 1.5.x before 1.5.7 allows remote attackers to execute arbitrary SQL commands via the req_new_email parameter.
network
low complexity
fluxbb CWE-89
7.5