Vulnerabilities > Fudforum

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-06	CVE-2022-30860	Unrestricted Upload of File with Dangerous Type vulnerability in Fudforum FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel. network low complexity fudforum CWE-434	6.5
2022-06-06	CVE-2022-30861	Cross-site Scripting vulnerability in Fudforum 3.1.2 FUDforum 3.1.2 is vulnerable to Stored XSS via Forum Name field in Forum Manager Feature. network fudforum CWE-79	3.5
2022-06-06	CVE-2022-30863	Cross-site Scripting vulnerability in Fudforum 3.1.2 FUDForum 3.1.2 is vulnerable to Cross Site Scripting (XSS) via page_title param in Page Manager in the Admin Control Panel. network fudforum CWE-79	3.5
2022-05-06	CVE-2022-28545	Cross-site Scripting vulnerability in Fudforum 3.1.1 FUDforum 3.1.1 is vulnerable to Stored XSS. network fudforum CWE-79	3.5
2021-03-19	CVE-2021-27520	Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter. network fudforum CWE-79	4.3
2021-03-19	CVE-2021-27519	Cross-site Scripting vulnerability in Fudforum 3.1.0 A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "srch" parameter. network fudforum CWE-79	4.3
2020-01-27	CVE-2013-2267	Code Injection vulnerability in Fudforum 3.0.4 PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. network low complexity fudforum CWE-94 critical	9.0
2019-11-13	CVE-2019-18839	Cross-site Scripting vulnerability in Fudforum 3.0.9 FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. network fudforum CWE-79	8.5
2019-11-12	CVE-2019-18873	Cross-site Scripting vulnerability in Fudforum 3.0.9 FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header. network fudforum CWE-79	8.5
2013-08-16	CVE-2013-5309	Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. network high complexity fudforum ilia-alshanetsky CWE-79	2.6

Vulnerabilities > Fudforum {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fudforum"}]}

Vulnerabilities > Fudforum