Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0352

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0352
Last Modified 10 Sep 2008 08:01:00
Published 25 Jun 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0352

Summary

Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.

Vulnerable Systems

Application

  • Phorum 3.3.2


References

XF - phorum-admin-users-information(8344)

BUGTRAQ - 20020302 Phorum Discussion Board Security Bug (Email Disclosure)

BID - 4226


Last Updated: 27 May 2016 10:36:53