Vulnerabilities (CVE)

Filtered by vendor Uniforum Subscribe
Filtered by product Uniforum
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-0226 1 Uniforum 1 Uniforum 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter).
CVE-2006-1406 1 Uniforum 1 Uniforum 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in wbadmlog.aspx in uniForum 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) txtuser or (2) txtpassword parameters.