Phorum 3.4.x Message Form Field HTML Injection Variant Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in...

CVE-2003-1486

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to 1 smileys.php, 2 quicklistrss.php, 3 purge.php, 4 news.php, 5 memberlist.php, 6 forumlistrss.php, 7 forumlistrdf.php, 8 forumlist.php, or 9 move.php, which leaks the...

Phorum 3.4.x - Phorum_URIAuth SQL Injection

Phorum 3.4.x - PhorumURIAuth SQL Injection source: https://www.securityfocus.com/bid/10173/info Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input. This issue may allow a remote...

Phorum 3.4.x - 'Message Form' HTML Injection

source: https://www.securityfocus.com/bid/7545/info An HTML injection issue has been reported which may lead to unauthorized code execution. It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by includi...