Vulnerabilities > CVE-2005-2652 - Unspecified vulnerability in PHPoutsourcing Zorum 3.5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpoutsourcing

NVD

Published: 2005-08-23

Updated: 2024-11-21

Summary

Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php.

Vulnerable Configurations

Part	Description	Count
Application	Phpoutsourcing Phpoutsourcing Zorum 3.5	1

References

http://marc.info/?l=bugtraq&m=112438781604862&w=2
http://marc.info/?l=bugtraq&m=112438781604862&w=2
http://rgod.altervista.org/zorum.html
http://rgod.altervista.org/zorum.html
http://securitytracker.com/id?1014725
http://securitytracker.com/id?1014725
https://exchange.xforce.ibmcloud.com/vulnerabilities/21914
https://exchange.xforce.ibmcloud.com/vulnerabilities/21914