Adp

Adp Forum

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2006-1157

Exploit
  • EPSS 0.62%
  • Published 12.03.2006 20:02:00
  • Last modified 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.

5

CVE-2005-4249

Exploit
  • EPSS 0.23%
  • Published 15.12.2005 11:03:00
  • Last modified 03.04.2025 01:03:51

ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote attackers to obtain user credentials via requests to the forum/users directory.