CVE-2002-0226

retrievepassword.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remote attackers to request a new password on behalf of another user and use the sessionID to calculate the new password for that user...

DCForum 1-6 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/1951/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. The script improperly validates user-supplied input, which allows the remote viewing of arbitrary files on the host which are...