Max Vision

4 exploits Active since Apr 2000
CVE-2000-1228 EXPLOITDB text WORKING POC
Phorum 3.0.7 - Unauthenticated Administrator Password Change via admin.php3
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
CVE-2000-1230 EXPLOITDB text WRITEUP
Phorum 3.0.7 - Unauthenticated Backdoor Access via PHP_AUTH_USER Parameter
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
CVE-2000-1234 EXPLOITDB text WRITEUP
Phorum 3.0.7 - Unauthenticated Email Spoofing via Mod and ForumName Parameters
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
CVE-2000-0248 EXPLOITDB text WORKING POC
Red Hat Linux Piranha - Command Injection
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.