Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Max CVSS
7.5
EPSS Score
1.45%
Published
2002-03-25
Updated
2008-11-04
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Max CVSS
6.4
EPSS Score
0.34%
Published
2000-04-03
Updated
2008-09-10
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Max CVSS
5.0
EPSS Score
2.00%
Published
2001-03-12
Updated
2017-10-10
3 vulnerabilities found