Keir Davis

keir_davis

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

X Forum

x-forum

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2009-1512 1Keir Davis 1X Forum Apr 23, 2026 May 1, 2009 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.
CVE-2009-1508 1Keir Davis 1X Forum Apr 23, 2026 May 1, 2009 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php...Show more SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2009-1512

1Keir Davis

1X Forum

Apr 23, 2026

May 1, 2009

N/A· v4

N/A· v3

6.5 MEDIUM· v2

Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php.

CVE-2009-1508