Total vulnerabilities in the database
MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.
| Software | From | Fixed in |
|---|---|---|
| myphp_forum / myphp_forum | 2.0 | 2.0.x |
| myphp_forum / myphp_forum | 1.0 | 1.0.x |
| myphp_forum / myphp_forum | 3.0 | 3.0.x |