Description
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
Exploits (1)
References (4)
Core 4
Core References
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/2272
Various Sources x_refsource_misc
http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
Various Sources x_refsource_misc
http://hispahack.ccc.de/mi020.html
Scores
EPSS
0.0546
EPSS Percentile
90.2%
Details
Status
published
Products (1)
phorum/phorum
3.0.7
Published
Dec 31, 2000
Tracked Since
Feb 18, 2026