Fudforum: >> Fudforum >> 2.7.3 Security Vulnerabilities
FUDforum 3.1.2 is vulnerable to Remote Code Execution through Upload File feature of File Administration System in Admin Control Panel.
CVSS Score
7.2
EPSS Score
0.112
Published
2022-06-06
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
2.6
EPSS Score
0.003
Published
2013-08-16