mvnforum CVE Vulnerabilities & CVE List (4)

Products (CPE): — CVEs: 4

mvnforum vulnerability overview

Aggregates CVE and security vulnerability intelligence across all mvnforum-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2008-5400 Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers. [email protected] 6.8 0.70% 2008-12-10 2026-06-16
CVE-2008-5399 Cross-site scripting (XSS) vulnerability in the listonlineusers (aka "Who's online") component in mvnForum before 1.2.1 GA allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. [email protected] 4.3 1.26% 2008-12-10 2026-06-16
CVE-2006-3245 Multiple cross-site scripting (XSS) vulnerabilities in activatemember in mvnForum 1.0 GA and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) member and (2) activatecode parameters. [email protected] 2.6 1.73% 2006-06-27 2026-06-16
CVE-2005-1183 Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. [email protected] 4.3 1.73% 2005-05-02 2026-06-16
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence