Thewebforum Thewebforum : Security vulnerabilities, CVEs

Copy

CVE-2006-0135

SQL injection vulnerability in login.php in TheWebForum (twf) 1.2.1 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the username parameter (aka the u variable).

Max CVSS

7.5

EPSS Score

0.51%

Published

2006-01-09

Updated

2018-10-19

CVE-2006-0134

Cross-site scripting (XSS) vulnerability in register.php in TheWebForum (twf) 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the www parameter.

Max CVSS

4.3

EPSS Score

58.85%

Published

2006-01-09

Updated

2018-10-19

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!