2 matches found
CVE-2007-2249
Phorum prior to 5.1.22 contains an injection/privilege escalation issue in include/controlcenter/users.php. Remote authenticated moderators can upgrade their privileges by altering the (1) user_ids POST parameter or (2) userdata array, affecting the authentication/authorization checks in the cont...
CVE-2007-2249
include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modified 1 userids POST parameter or 2 userdata array...