Filtered by vendor Oretnom23
Subscribe
Filtered by product Simple Forum\/discussion System
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-10790 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2025-09-25 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security flaw has been discovered in SourceCodester Simple Forum Discussion System 1.0. This affects an unknown function of the file /ajax.php?action=save_category. The manipulation of the argument Description results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-10100 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2025-09-12 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in SourceCodester Simple Forum Discussion System 1.0. This impacts an unknown function of the file /admin_class.php?action=login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. | |||||
| CVE-2021-45252 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this vulnerability. | |||||
| CVE-2024-9032 | 1 Oretnom23 | 1 Simple Forum\/discussion System | 2024-09-20 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||