Skip to main content

Wikidforum

3 CVEs product

Monthly

CVE-2018-18075 CRITICAL POC Act Now

WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Wikidforum
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
1.8%
CVE-2012-6520 HIGH POC This Week

Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Wikidforum
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2012-2099 MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 26.7%.

XSS Wikidforum
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
26.7%
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Wikidforum
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH POC This Week

Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Wikidforum
NVD Exploit-DB
EPSS 27% CVSS 4.3
MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 26.7%.

XSS Wikidforum
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy