Vulnerabilities (CVE)

Filtered by vendor Frank-karau Subscribe
Filtered by product Phpfk
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18364 1 Frank-karau 1 Phpfk 2024-11-21 4.3 MEDIUM 7.4 HIGH
phpFK lite has XSS via the faq.php, members.php, or search.php query string or the user.php user parameter.
CVE-2009-2112 1 Frank-karau 1 Phpfk 2024-11-21 7.5 HIGH N/A
Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.