CVE-2004-0034 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php (2) the EditError variable in profile.php and (3) the Error variable in login.php.

Reference

http://marc.info/?l=bugtraq&m=107340481804110&w=2 http://phorum.org/ http://secunia.com/advisories/10567 http://www.osvdb.org/3434 http://www.osvdb.org/3506 http://www.osvdb.org/3510 http://www.securityfocus.com/bid/9361 http://www.securitytracker.com/id?1008633 https://exchange.xforce.ibmcloud.com/vulnerabilities/14145

Share on: