Vulnerabilities > Fudforum > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2019-18839 OS Command Injection vulnerability in Fudforum 3.0.9
FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter.
network
low complexity
fudforum CWE-78
critical
 9.0
9.0
2019-11-12 CVE-2019-18873 OS Command Injection vulnerability in Fudforum 3.0.9
FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP header.
network
low complexity
fudforum CWE-78
critical
 9.0
9.0