Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5421 | 1 Wsn Forum | 1 Wsn Forum | 2024-02-04 | 7.5 HIGH | N/A |
| WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability. | |||||
| CVE-2005-3916 | 1 Wsn Forum | 1 Wsn Forum | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action. | |||||