Fuzzylime Forum : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235.
Max CVSS
4.3
EPSS Score
0.61%
Published
2007-06-19
Updated
2018-10-16
Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.
Max CVSS
4.3
EPSS Score
0.24%
Published
2007-06-15
Updated
2017-10-11
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter.
Max CVSS
7.5
EPSS Score
0.54%
Published
2007-06-15
Updated
2017-10-11
3 vulnerabilities found