CVE-2004-2240 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2004-2240

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.

Affected Software

Name	Vendor	Start Version	End Version
Phorum	Phorum	5.0.11 (including)	5.0.11 (including)

References

http://phorum.org/cvs-changelog-5.txt
http://secunia.com/advisories/12980
http://securitytracker.com/id?1011921
http://www.maxpatrol.com/advdetails.asp?id=15
http://www.maxpatrol.com/mp_advisory.asp
http://www.osvdb.org/11129
http://www.securityfocus.com/bid/11538
https://exchange.xforce.ibmcloud.com/vulnerabilities/17847