CVE Vulnerabilities

CVE-2005-1404

Published: May 03, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php.

Affected Software

Name Vendor Start Version End Version
Myphp_forum Myphp_forum 1.0 1.0
Myphp_forum Myphp_forum 2.0 2.0
Myphp_forum Myphp_forum 3.0 3.0

References