Vulnerabilities > Fudforum
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-06 | CVE-2022-30860 | Unrestricted Upload of File with Dangerous Type vulnerability in Fudforum FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel. | 7.2 |
| 2022-06-06 | CVE-2022-30861 | Cross-site Scripting vulnerability in Fudforum 3.1.2 FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature. | 4.8 |
| 2022-06-06 | CVE-2022-30863 | Cross-site Scripting vulnerability in Fudforum 3.1.2 FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager in the Admin Control Panel. | 4.8 |
| 2022-05-06 | CVE-2022-28545 | Cross-site Scripting vulnerability in Fudforum 3.1.1 FUDforum 3.1.1 is vulnerable to Stored XSS. | 5.4 |
| 2021-03-19 | CVE-2021-27520 | Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter. | 6.1 |
| 2021-03-19 | CVE-2021-27519 | Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "srch" parameter. | 6.1 |
| 2020-01-27 | CVE-2013-2267 | Code Injection vulnerability in Fudforum 3.0.4 PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. | 7.2 |
| 2019-11-13 | CVE-2019-18839 | OS Command Injection vulnerability in Fudforum 3.0.9 FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. | 9.0 |
| 2019-11-12 | CVE-2019-18873 | OS Command Injection vulnerability in Fudforum 3.0.9 FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. | 9.0 |