post_message_form.asp in Web Wiz Forums 6.34 up to and including 7.5, when quote mode is used, allows remote malicious users to read or write to private forums by modifying the FID (forum ID) parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bdc enterprises web wiz forums 6.34 |
||
bdc enterprises web wiz forums 7.01 |
||
bdc enterprises web wiz forums 7.5 |