Fipsasp Fipsforum vulnerabilities
2 known vulnerabilities affecting fipsasp/fipsforum.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-6116P3HIGHCVSS 7.5PoC≤ 2.62006-11-26
CVE-2006-6116 [HIGH] CVE-2006-6116: SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to
SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the kat parameter.
nvd
CVE-2010-0765P3MEDIUMCVSS 5.0PoCv2.62010-03-02
CVE-2010-0765 [MEDIUM] CWE-264 CVE-2010-0765: fipsForum 2.6 stores sensitive information under the web root with insufficient access control, whic
fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for _database/forumFips.mdb.
nvd