Known Vulnerabilities for products from Phorum

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phorum".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2012-6659 json Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arb... Not Provided 2014-09-19 2026-05-06
CVE-2012-4234 json Cross-site scripting (XSS) vulnerability in the group moderation screen in the control center (control.php) in Phorum before ... Not Provided 2014-09-04 2026-05-06
CVE-2011-4561 json Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script... Not Provided 2011-11-28 2026-04-29
CVE-2011-3768 json Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the... Not Provided 2011-09-24 2026-04-29
CVE-2011-3622 json A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18. 6.1 - MEDIUM 2020-01-22 2023-11-07
CVE-2011-3392 json Cross-site scripting (XSS) vulnerability in control.php in the controlcenter in Phorum before 5.2.17 allows remote attackers ... Not Provided 2011-09-08 2026-04-29
CVE-2011-3382 json Cross-site scripting (XSS) vulnerability in Phorum before 5.2.16 allows remote attackers to inject arbitrary web script or HT... Not Provided 2011-09-08 2026-04-29
CVE-2011-3381 json Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication ... Not Provided 2011-09-08 2026-04-29
CVE-2010-1629 json Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HT... Not Provided 2010-05-19 2026-04-29
CVE-2009-0488 json Cross-site scripting (XSS) vulnerability in Phorum before 5.2.10 allows remote attackers to inject arbitrary web script or HT... Not Provided 2009-02-09 2026-04-23
CVE-2008-4513 json Cross-site scripting (XSS) vulnerability in BBcode API module in Phorum 5.2.8 allows remote attackers to inject arbitrary web... Not Provided 2008-10-09 2026-04-23
CVE-2008-1486 json SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitra... Not Provided 2008-03-24 2026-04-23
CVE-2007-2339 json Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (... Not Provided 2007-04-27 2026-04-23
CVE-2007-2338 json Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers ... Not Provided 2007-04-27 2026-04-23
CVE-2007-2250 json admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter. Not Provided 2007-04-25 2026-04-23
CVE-2007-2249 json include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modif... Not Provided 2007-04-25 2026-04-23
CVE-2007-2248 json Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Phorum before 5.1.22 allow remote attackers to inject arb... Not Provided 2007-04-25 2026-04-23
CVE-2007-0769 json Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web scr... Not Provided 2007-02-06 2026-04-23
CVE-2007-0767 json Cross-site scripting (XSS) vulnerability in the core in Phorum before 5.1.18 allows remote attackers to inject arbitrary web ... Not Provided 2007-02-06 2026-04-23
CVE-2006-6968 json Cross-site scripting (XSS) vulnerability in the group moderation control center page in Phorum before 5.1.19 might allow remo... Not Provided 2007-02-06 2026-04-23

Known software with vulnerabilities from Phorum

Type Vendor Product Version
ApplicationPhorumPhorum-
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report