Vulnerabilities > Graphiks > Myforum > 1.3

DATE CVE VULNERABILITY TITLE RISK
2009-06-01 CVE-2009-1852 SQL Injection vulnerability in Graphiks Myforum 1.3
Multiple SQL injection vulnerabilities in Graphiks MyForum 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
network
low complexity
graphiks CWE-89
7.5
7.5
2008-11-12 CVE-2008-5040 Improper Authentication vulnerability in Graphiks Myforum 1.3
Graphiks MyForum 1.3 allows remote attackers to bypass authentication and gain administrative access by setting the (1) myforum_login and (2) myforum_pass cookies to 1.
network
low complexity
graphiks CWE-287
7.5
7.5
2008-10-28 CVE-2008-4760 SQL Injection vulnerability in Graphiks Myforum 1.3
SQL injection vulnerability in lecture.php in Graphiks MyForum 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
graphiks CWE-89
6.8
6.8