Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0352


Vulnerability Score 5.0 5.0
CVE Id CVE-2002-0352
Last Modified 10 Sep 2008 08:01:00
Published 25 Jun 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.

Vulnerable Systems


  • Phorum 3.3.2


XF - phorum-admin-users-information(8344)

BUGTRAQ - 20020302 Phorum Discussion Board Security Bug (Email Disclosure)

BID - 4226

Last Updated: 27 May 2016 10:36:53