Every CVE whose affected-product data names Powie Pforum, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2002-0287 — CVSS 10.0 (critical): pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain…
CVE-2002-0319 — CVSS 7.5 (high): Cross-site scripting vulnerability in edituser.php for pforum 1.14 and earlier allows remote attackers to execute script and steal cookies…
CVE-2006-6038 — CVSS 7.5 (high): SQL injection vulnerability in editpoll.php in Powie's PHP Forum (pForum) 1.29a and earlier allows remote attackers to execute arbitrary…
CVE-2008-4355 — CVSS 7.5 (high): SQL injection vulnerability in showprofil.php in Powie PSCRIPT Forum (aka PHP Forum or pForum) 1.30 and earlier allows remote attackers to…
CVE-2004-1716 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1)…