Leszek Krupinski L-forum — known CVE vulnerabilities
Every CVE whose affected-product data names Leszek Krupinski L-forum, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2002-1457 — CVSS 7.5 (high): SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search…
CVE-2002-1458 — CVSS 7.5 (high): Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to…
CVE-2002-1459 — CVSS 7.5 (high): Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers…
CVE-2002-1460 — CVSS 5.0 (medium): L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment…