MidnightBSD

Advisories for jamroom

CVE-2010-2463 MEDIUM

Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jamroom jamroom 2.64
jamroom jamroom 3.0.15
jamroom jamroom *
jamroom jamroom 3.0.13
jamroom jamroom 3.3.8
jamroom jamroom 2.68
jamroom jamroom 3.0.4
jamroom jamroom 4.0.5
jamroom jamroom 2.65
jamroom jamroom 4.1.0
jamroom jamroom 2.67
jamroom jamroom 3.2.1
jamroom jamroom 3.0.21
jamroom jamroom 4.1.1
jamroom jamroom 3.1.2
jamroom jamroom 2.62
jamroom jamroom 3.3.7
jamroom jamroom 4.0.9
jamroom jamroom 2.60
jamroom jamroom 3.0.5
jamroom jamroom 2.69
jamroom jamroom 3.2.2
jamroom jamroom 3.0.7
jamroom jamroom 2.63
jamroom jamroom 3.0.2
jamroom jamroom 3.0.3
jamroom jamroom 3.0.24
jamroom jamroom 2.0.9
jamroom jamroom 1.0
jamroom jamroom 2.6.11
jamroom jamroom 3.1.3
jamroom jamroom 4.0.11
jamroom jamroom 3.3.0
jamroom jamroom 4.0.14
jamroom jamroom 3.0.6
jamroom jamroom 3.1.4
jamroom jamroom 3.4.0
jamroom jamroom 4.0.8
jamroom jamroom 3.0.14
jamroom jamroom 3.3.3
jamroom jamroom 3.0
jamroom jamroom 3.3.4
jamroom jamroom 2.66
jamroom jamroom 2.6.12
jamroom jamroom 3.0.18
jamroom jamroom 3.0.30
jamroom jamroom 4.0.13
jamroom jamroom 4.0.12
jamroom jamroom 2.61
jamroom jamroom 3.3.1
jamroom jamroom 3.3.2
jamroom jamroom 3.3.6
jamroom jamroom 4.0.10
jamroom jamroom 3.0.22
jamroom jamroom 3.1.5
jamroom jamroom 4.0.3
jamroom jamroom 4.0.7
jamroom jamroom 3.0.25
jamroom jamroom 3.0.29
jamroom jamroom 3.0.20
jamroom jamroom 3.0.23
jamroom jamroom 3.0.28
jamroom jamroom 3.2.6
jamroom jamroom 4.1.5
jamroom jamroom 3.0.19
jamroom jamroom 3.2.0
jamroom jamroom 4.1.4
jamroom jamroom 3.1.0
jamroom jamroom 3.0.12
jamroom jamroom 3.1.1
jamroom jamroom 3.0.26
jamroom jamroom 3.3.5
jamroom jamroom 3.0.10
jamroom jamroom 3.2.4
jamroom jamroom 3.0.1
jamroom jamroom 4.1.3
jamroom jamroom 3.2.5
jamroom jamroom 4.0.6
jamroom jamroom 4.1.6
jamroom jamroom 2.6.10
jamroom jamroom 3.0.17
jamroom jamroom 3.0.27
jamroom jamroom 4.0.4
jamroom jamroom 3.0.11
jamroom jamroom 4.1.7
jamroom jamroom 4.0.2
jamroom jamroom 3.0.8
jamroom jamroom 3.0.9
jamroom jamroom 4.1.2
jamroom jamroom 3.0.16
jamroom jamroom 3.2.3
CVE-2012-6705 MEDIUM

Cross Site Scripting (XSS) exists in Jamroom before 4.2.7 via the Status Update field.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jamroom jamroom *
CVE-2013-6804 MEDIUM

Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jamroom search_module *
jamroom search_module 1.0.0
CVE-2014-5098 MEDIUM

Cross-site scripting (XSS) vulnerability in the Search module before 1.2.2 in Jamroom allows remote attackers to inject arbitrary web script or HTML via the query string to search/results/.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
jamroom search_module *