source: http://www.securityfocus.com/bid/9882/info
It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php', 'register.php', and 'profile.php'. These modules employ two hidden variables named 'f' and 'target', which are passed user-supplied input values from HTTP_REFERER without proper sanitization.
Phorum versions 5.0.3 Beta and prior are reported to be vulnerable to this issue.
profile.php?id=2&action=edit&target=[XSS]
{"hash": "e572192a855a7d3e516adec531a4298c8c6d1a9543513f85aac3bab35f1a226f", "id": "EDB-ID:23820", "lastseen": "2016-02-02T21:53:18", "enchantments": {"vulnersScore": 4.3}, "bulletinFamily": "exploit", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "edition": 1, "history": [], "type": "exploitdb", "sourceHref": "https://www.exploit-db.com/download/23820/", "description": "Phorum 3.x profile.php target Parameter XSS. CVE-2004-1822. Webapps exploit for php platform", "title": "Phorum 3.x profile.php target Parameter XSS", "sourceData": "source: http://www.securityfocus.com/bid/9882/info\r\n \r\nIt has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php', 'register.php', and 'profile.php'. These modules employ two hidden variables named 'f' and 'target', which are passed user-supplied input values from HTTP_REFERER without proper sanitization.\r\n \r\nPhorum versions 5.0.3 Beta and prior are reported to be vulnerable to this issue.\r\n\r\nprofile.php?id=2&action=edit&target=[XSS]", "objectVersion": "1.0", "cvelist": ["CVE-2004-1822"], "published": "2004-03-15T00:00:00", "osvdbidlist": ["4335"], "references": [], "reporter": "JeiAr", "modified": "2004-03-15T00:00:00", "href": "https://www.exploit-db.com/exploits/23820/"}
{"result": {"cve": [{"id": "CVE-2004-1822", "type": "cve", "title": "CVE-2004-1822", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_REFERER parameter to login.php, (2) HTTP_REFERER parameter to register.php, or (3) target parameter to profile.php.", "published": "2004-03-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1822", "cvelist": ["CVE-2004-1822"], "lastseen": "2017-07-11T11:14:37"}], "exploitdb": [{"id": "EDB-ID:23818", "type": "exploitdb", "title": "Phorum 3.x register.php HTTP_REFERER XSS", "description": "Phorum 3.x register.php HTTP_REFERER XSS. CVE-2004-1822. Webapps exploit for php platform", "published": "2004-03-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/23818/", "cvelist": ["CVE-2004-1822"], "lastseen": "2016-02-02T21:53:00"}, {"id": "EDB-ID:23819", "type": "exploitdb", "title": "Phorum 3.x login.php HTTP_REFERER XSS", "description": "Phorum 3.x login.php HTTP_REFERER XSS. CVE-2004-1822. Webapps exploit for php platform", "published": "2004-03-15T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/23819/", "cvelist": ["CVE-2004-1822"], "lastseen": "2016-02-02T21:53:09"}]}}
