JVN#00152874 P forum vulnerable to directory traversal

ID JVN:00152874
Type jvn
Reporter Japan Vulnerability Notes
Modified 2009-12-17T00:00:00


## Description

P forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability.

## Impact

A remote attacker could view an arbitrary file on the server.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.
This vulnerability has been addressed and an updated version (1.28) was released on October 30, 2009.

## Products Affected

  • P forum ver 1.27 and earlier