Vulnerabilities (CVE)

Filtered by vendor Phpoutsourcing Subscribe
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1089 1 Phpoutsourcing 1 Zorum 2024-11-20 5.0 MEDIUM N/A
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.
CVE-2003-1088 1 Phpoutsourcing 1 Zorum 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter.
CVE-2002-2350 1 Phpoutsourcing 1 Zorum 2024-11-20 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.