Description
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Alexander Anisimov · textwebappsphp
https://www.exploit-db.com/exploits/25258
References (2)
Core 2
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111151651621097&w=2
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14680
Scores
EPSS
0.0322
EPSS Percentile
87.2%
Details
Status
published
Products (1)
phorum/phorum
5.0.14a
Published
May 02, 2005
Tracked Since
Feb 18, 2026