Filtered by vendor Mvnforum
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-5399 | 1 Mvnforum | 1 Mvnforum | 2018-10-11 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the listonlineusers (aka "Who's online") component in mvnForum before 1.2.1 GA allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||||
CVE-2008-5400 | 1 Mvnforum | 1 Mvnforum | 2018-10-11 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers. | |||||
CVE-2006-3245 | 1 Mvnforum | 1 Mvnforum | 2017-07-19 | 2.6 LOW | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters. | |||||
CVE-2005-1183 | 1 Mvnforum | 1 Mvnforum | 2017-07-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. |