Vulnerabilities > CVE-2007-2250 - Unspecified vulnerability in Phorum

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

exploit available

NVD

Published: 2007-04-25

Updated: 2018-10-16

Summary

admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter.

Part	Description	Count
Application	Phorum Phorum Phorum - Phorum Phorum 3.0.7 Phorum Phorum 3.1 Phorum Phorum 3.1.1 Phorum Phorum 3.1.2 Phorum Phorum 3.2 Phorum Phorum 3.2.2 Phorum Phorum 3.2.3 Phorum Phorum 3.2.4 Phorum Phorum 3.2.5 Phorum Phorum 3.2.6 Phorum Phorum 3.2.7 Phorum Phorum 3.2.8 Phorum Phorum 3.2.11 Phorum Phorum 3.3.1 Phorum Phorum 3.3.2 Phorum Phorum 3.4 Phorum Phorum 3.4.1 Phorum Phorum 3.4.2 Phorum Phorum 3.4.3 Phorum Phorum 3.4.4 Phorum Phorum 3.4.5 Phorum Phorum 3.4.6 Phorum Phorum 3.4.7 Phorum Phorum 3.4.8 Phorum Phorum 4.3.7 Phorum Phorum 5.0.0 Phorum Phorum 5.0.1 Phorum Phorum 5.0.2 Phorum Phorum 5.0.3 Phorum Phorum 5.0.4 Phorum Phorum 5.0.5 Phorum Phorum 5.0.6 Phorum Phorum 5.0.7 Phorum Phorum 5.0.8 Phorum Phorum 5.0.9 Phorum Phorum 5.0.10 Phorum Phorum 5.0.11 Phorum Phorum 5.0.12 Phorum Phorum 5.0.13 Phorum Phorum 5.0.14 Phorum Phorum 5.0.15 Phorum Phorum 5.0.16 Phorum Phorum 5.0.17 Phorum Phorum 5.0.18 Phorum Phorum 5.0.19 Phorum Phorum 5.0.20 Phorum Phorum 5.1.13 Phorum Phorum 5.1.14 Phorum Phorum 5.1.17 Phorum Phorum 5.1.18 Phorum Phorum 5.1.20	67

description	Phorum 5.1.20 admin.php module[] Variable Path Disclosure. CVE-2007-2250. Webapps exploit for php platform
id	EDB-ID:29890
last seen	2016-02-03
modified	2007-04-23
published	2007-04-23
reporter	Janek Vind
source	https://www.exploit-db.com/download/29890/
title	Phorum 5.1.20 - admin.php module Variable Path Disclosure