Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2000-1228

Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.

PublishedDec 31, 2000, 05:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
http://hispahack.ccc.de/mi020.html
http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm
http://www.securityfocus.com/bid/2271

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

Vector String

AV:N/AC:L/Au:N/C:N/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)