Vulnerabilities > CVE-2004-2240 - Unspecified vulnerability in Phorum 5.0.11
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://phorum.org/cvs-changelog-5.txt
- http://phorum.org/cvs-changelog-5.txt
- http://secunia.com/advisories/12980
- http://secunia.com/advisories/12980
- http://securitytracker.com/id?1011921
- http://securitytracker.com/id?1011921
- http://www.maxpatrol.com/advdetails.asp?id=15
- http://www.maxpatrol.com/advdetails.asp?id=15
- http://www.maxpatrol.com/mp_advisory.asp
- http://www.maxpatrol.com/mp_advisory.asp
- http://www.osvdb.org/11129
- http://www.osvdb.org/11129
- http://www.securityfocus.com/bid/11538
- http://www.securityfocus.com/bid/11538
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17847
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17847