CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3249
https://notcve.org/view.php?id=CVE-2006-3249
SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for the page parameter for a search URL, the search query will use a negative number for the LIMIT clause. This causes the query to break, showing no results. It IS NOT however a sql injection error." While the original report is from a researcher with mixed accuracy, as of 20060703, CVE does not have any additional information regarding this issue ** DISCUTIDA ** Vulnerabilidad de inyección SQL en search.php en Phorum v5.1.14 y anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro page. • http://pridels0.blogspot.com/2006/06/phorum-sql-injection-vuln.html http://www.osvdb.org/27165 http://www.phorum.org/cgi-bin/trac.cgi/ticket/382#preview http://www.phorum.org/phorum5/read.php?14%2C114358 https://exchange.xforce.ibmcloud.com/vulnerabilities/27369 •
CVSS: 7.5EPSS: 8%CPEs: 44EXPL: 2CVE-2006-3053 – PHORUM 3.x/5.x - 'Common.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-3053
PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states "common.php is checked on the very first line of non-comment code that it is not being called directly. It has been this way in all 5.x version of Phorum." CVE analysis concurs with the vendor ** EN DISPUTA ** PHP vulnerabilidad de inclusión de archivo remoto en common.php en Phorum v5.1.13 y anteriores permite a atacantes remotos ejecutar código PHP arbitrario a través de una URL en el parámetro Phorum [http_path]. NOTA: este problema ha sido discutido por el vendedor, quien afirma que "common.php se comprueba en la primera línea de código no comment-que no se está llamando directamente Ha sido así en todas las versiones 5.x de Phorum." • https://www.exploit-db.com/exploits/27363 http://securityreason.com/securityalert/1103 http://www.securityfocus.com/archive/1/436863/100/0/threaded http://www.securityfocus.com/archive/1/437988/100/0/threaded http://www.securityfocus.com/bid/16977 https://exchange.xforce.ibmcloud.com/vulnerabilities/27064 •
CVSS: 6.8EPSS: 1%CPEs: 25EXPL: 1CVE-2005-3543
https://notcve.org/view.php?id=CVE-2005-3543
SQL injection vulnerability in search.php in Phorum 5.0.0alpha through 5.0.20, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the forum_ids parameter. Vulnerabilidad de inyección de SQL en Phorum 5.0.0alpha a 5.0.20, cuando "register_globals" está habilitado, permite a atacantes ejecutar órdenes SQL de su elección mediante el parámetro forum_id si register_globals está activado en PHP. • http://marc.info/?l=bugtraq&m=113122911424216&w=2 http://phorum.org/story.php?57 http://secunia.com/advisories/17456 http://securityreason.com/securityalert/153 http://www.osvdb.org/20524 http://www.vupen.com/english/advisories/2005/2332 http://www.waraxe.us/advisory-43.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 42EXPL: 1CVE-2005-2836
https://notcve.org/view.php?id=CVE-2005-2836
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to register.php or (2) a signature of a logged-in user in "My Control Center," which is not properly handled by control.php. • http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0018.html http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0048.html http://secunia.com/advisories/16667 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1CVE-2005-0843 – Phorum 3.x/5.0.x - HTTP Response Splitting
https://notcve.org/view.php?id=CVE-2005-0843
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header. • https://www.exploit-db.com/exploits/25258 http://marc.info/?l=bugtraq&m=111151651621097&w=2 http://secunia.com/advisories/14680 •