Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2000-1228

Published: 31/12/2000 Updated: 05/09/2008
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Phorum 3.0.7 allows remote malicious users to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.

Vulnerable Product Search on Vulmon Subscribe to Product

phorum phorum 3.0.7

Exploits

Exploit DB: Phorum 3.0.7 - 'admin.php3' Unverified Administrative Password Change
source: wwwsecurityfocuscom/bid/2271/info Phorum is a popular, free, open source software package originally written by Brian Moon The package is designed to add chat/bulletin board style interaction between visitors of a web site A problem with Phorum can allow remote users access to restricted files on the local system This is due t ...

References

NVD-CWE-Otherhttp://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.htmlhttp://hispahack.ccc.de/mi020.htmlhttp://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htmhttp://www.securityfocus.com/bid/2271https://nvd.nist.govhttps://www.exploit-db.com/exploits/20586/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572CVE-2024-24919CVE-2024-0230CVE-2024-32714HTML injectionlocal file inclusionCVE-2024-31098CVE-2024-31244privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook