Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2000-1229

Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.

  • Published: Dec 31, 2000
  • Updated: Apr 13, 2023
  • CVE: CVE-2000-1229
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
phorum / phorum 3.0.7 3.0.7.x