Known Vulnerabilities for products from Phorum
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phorum".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2012-6659 json | Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arb... | Not Provided | 2014-09-19 | 2026-05-06 |
| CVE-2012-4234 json | Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before ... | Not Provided | 2014-09-04 | 2026-05-06 |
| CVE-2011-4561 json | Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script... | Not Provided | 2011-11-28 | 2026-04-29 |
| CVE-2011-3768 json | Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the... | Not Provided | 2011-09-24 | 2026-04-29 |
| CVE-2011-3622 json | A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18. | 6.1 - MEDIUM | 2020-01-22 | 2023-11-07 |
| CVE-2011-3392 json | Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers ... | Not Provided | 2011-09-08 | 2026-04-29 |
| CVE-2011-3382 json | Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HT... | Not Provided | 2011-09-08 | 2026-04-29 |
| CVE-2011-3381 json | Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication ... | Not Provided | 2011-09-08 | 2026-04-29 |
| CVE-2010-1629 json | Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HT... | Not Provided | 2010-05-19 | 2026-04-29 |
| CVE-2009-0488 json | Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HT... | Not Provided | 2009-02-09 | 2026-04-23 |
| CVE-2008-4513 json | Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote attackers to inject arbitrary web... | Not Provided | 2008-10-09 | 2026-04-23 |
| CVE-2008-1486 json | SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitra... | Not Provided | 2008-03-24 | 2026-04-23 |
| CVE-2007-2339 json | Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (... | Not Provided | 2007-04-27 | 2026-04-23 |
| CVE-2007-2338 json | Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers ... | Not Provided | 2007-04-27 | 2026-04-23 |
| CVE-2007-2250 json | admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter. | Not Provided | 2007-04-25 | 2026-04-23 |
| CVE-2007-2249 json | include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modif... | Not Provided | 2007-04-25 | 2026-04-23 |
| CVE-2007-2248 json | Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arb... | Not Provided | 2007-04-25 | 2026-04-23 |
| CVE-2007-0769 json | Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web scr... | Not Provided | 2007-02-06 | 2026-04-23 |
| CVE-2007-0767 json | Cross-site scripting (XSS) vulnerability in the core in Phorum before 5.1.18 allows remote attackers to inject arbitrary web ... | Not Provided | 2007-02-06 | 2026-04-23 |
| CVE-2006-6968 json | Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remo... | Not Provided | 2007-02-06 | 2026-04-23 |
Known software with vulnerabilities from Phorum
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Phorum | Phorum | - |