Every CVE whose affected-product data names Dcscripts Dcforum, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2001-0527 — CVSS 10.0 (critical): DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and…
CVE-2001-0436 — CVSS 7.5 (high): dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a…
CVE-2002-0226 — CVSS 7.5 (high): retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to…
CVE-2000-1132 — CVSS 6.4 (medium): DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum"…
CVE-2001-0437 — CVSS 5.0 (medium): upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to…
CVE-2005-4311 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject…