Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Codoforum
(Codologic)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-07-09 | CVE-2020-25879 | A stored cross site scripting (XSS) vulnerability in the 'Manage Users' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the 'Username' parameter. | Codoforum | 5.4 | ||
| 2022-07-07 | CVE-2022-31854 | Codoforum v5.1 was discovered to contain an arbitrary file upload vulnerability via the logo change option in the admin panel. | Codoforum | 7.2 | ||
| 2015-03-23 | CVE-2014-9261 | The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to index.php. | Codoforum | N/A |