3 results (0.008 seconds)

CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0

Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address. Allaire Forums 2.0.4 y 2.0.5 y Foros! 3.0 y 3.1 permiten a usuarios remotos autorizados suplantar la identidad de otros usuarios (Spoofing) para enviar mensajes modificando en el formulario los campos de nombre y dirección de correo. • http://online.securityfocus.com/archive/1/249026 http://www.iss.net/security_center/static/7841.php http://www.kb.cert.org/vuls/id/575619 http://www.securityfocus.com/bid/3827 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 2

The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm. • https://www.exploit-db.com/exploits/19193 http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html http://www.allaire.com/handlers/index.cfm?ID=9602&Method=Full http://www.osvdb.org/944 https://exchange.xforce.ibmcloud.com/vulnerabilities/1748 •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. • http://www.osvdb.org/1270 http://www.securityfocus.com/bid/1085 http://www2.allaire.com/handlers/index.cfm?ID=15099&Method=Full •