PHP-Fusion 4.0 Viewthread.PHP Information Disclosure Vulnerbility

2005-02-08T00:00:00
ID EDB-ID:25089
Type exploitdb
Reporter TheGreatOne2176
Modified 2005-02-08T00:00:00

Description

PHP-Fusion 4.0 Viewthread.PHP Information Disclosure Vulnerbility. CVE-2005-0345. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/12482/info

PHP-Fusion is reportedly affected by an information disclosure vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.

It is reported that an attacker could leverage this vulnerability to view any thread of protected forums on an affected version of the application. All PHP-Fusion 4 versions are reportedly affected by this vulnerability; earlier versions may also be vulnerable. 

http://www.example.com/fusion_forum/viewthread.php?forum_id=10000&forum_cat=100000&thread_id=2