Ttforum

ttforum

Vendor: Ttcms • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-1708 1Ttcms 1Ttforum Apr 23, 2026 Mar 27, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in lib/db/ez_sql.php in ttCMS 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_path parameter.
CVE-2003-1459 1Ttcms 2Ttcms Ttforum Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php.
CVE-2003-1458 1Ttcms 2Ttcms Ttforum Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name.
CVE-2003-0331 1Ttcms 1Ttforum Apr 16, 2026 Jun 9, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.