This page lists publicly disclosed CVE vulnerabilities affecting courseforum projectforum (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-4277 | Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on a wiki page. | [email protected] | 4.3 | 0.92% | 2011-11-03 | 2026-06-16 |
| CVE-2005-4336 | Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid parameter in admin/newpage.html associated with a group. | [email protected] | 4.3 | 1.30% | 2005-12-17 | 2026-06-16 |
| CVE-2005-4335 | ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted pageid parameter to admin/versions.html. | [email protected] | 7.8 | 1.82% | 2005-12-17 | 2026-06-16 |