Info

Last Modified

about 1 year ago

Percent Complete

10%

Disclosure

Apr 19, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

This Entry needs help! It is only 10% Complete. Click the edit link above to add more information.

Contributing is fast and easy, and benefits the entire security community.

Keywords

No Keywords

Description

(Description Provided by CVE) : include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modified (1) user_ids POST parameter or (2) userdata array.

Classification

Location: Remote/Network Access Required
OSVDB: Web Related

Products

Unknown or Incomplete

References

Security Tracker: 1017936
CVE ID: 2007-2249 (see also: NVD)
Bugtraq ID: 23616
Secunia Advisory ID: 24932
Related OSVDB ID: 35057 35060 35061 35062
FrSIRT Advisory: ADV-2007-1479
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-04/0350.html
Vendor Specific News/Changelog Entry: http://www.phorum.org/story.php?76
Other Advisory URL: http://www.waraxe.us/advisory-49.html

Credit

Unknown or Incomplete

Blogs

Provided by Technorati

None found at this time

Comments

Add Comment Hide Add Comment

No Comments.

DONATE NOW!

User Status

Account
- Login
- Sign-Up

Quick Searches