Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Myphp Forum Subscribe
Filtered by product Myphp Forum
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-0413 1 Myphp Forum 1 Myphp Forum 2017-10-10 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the fid in forum.php, (2) the member parameter in member.php, (3) the email parameter in forgot.php, or (4) the nbuser or nbpass parameters in include.php. NOTE: it was later reported that vector 2 exists in 3.0 and earlier.
CVE-2008-0099 1 Myphp Forum 1 Myphp Forum 2017-09-28 6.8 MEDIUM N/A
Multiple SQL injection vulnerabilities in MyPHP Forum 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the searchtext parameter to search.php, and unspecified other vectors.
CVE-2005-1404 1 Myphp Forum 1 Myphp Forum 2008-09-05 5.0 MEDIUM N/A
MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.