Search criteria
9 vulnerabilities found for forums by allaire
FKIE_CVE-2002-0108
Vulnerability from fkie_nvd - Published: 2002-03-25 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:allaire:forums:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D746DEF6-40BE-405A-A36F-AD78843CA9AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:allaire:forums:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56882CBB-6AE2-4918-80FF-CB22CD57DF54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:allaire:forums:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5E00AB-BA3B-4D75-BB1E-CD3B66EAD1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:allaire:forums:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "843D94C2-78E4-47C8-B7F9-752E434ED95B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
},
{
"lang": "es",
"value": "Allaire Forums 2.0.4 y 2.0.5 y Foros! 3.0 y 3.1 permiten a usuarios remotos autorizados suplantar la identidad de otros usuarios (Spoofing) para enviar mensajes modificando en el formulario los campos de nombre y direcci\u00f3n de correo."
}
],
"id": "CVE-2002-0108",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3827"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-1999-0800
Vulnerability from fkie_nvd - Published: 2001-03-12 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:allaire:forums:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C50D11DF-E5F4-44CA-8668-6981785C6B54",
"versionEndIncluding": "2.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
],
"id": "CVE-1999-0800",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/944"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2000-0297
Vulnerability from fkie_nvd - Published: 2000-04-03 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:allaire:forums:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56882CBB-6AE2-4918-80FF-CB22CD57DF54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
],
"id": "CVE-2000-0297",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1270"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"source": "cve@mitre.org",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2002-0108 (GCVE-0-2002-0108)
Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "allaire-forums-message-spoofing(7841)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/575619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0108",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0800 (GCVE-0-1999-0800)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
VLAI?
Summary
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0800",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0297 (GCVE-0-2000-0297)
Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"refsource": "ALLAIRE",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0297",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0108 (GCVE-0-2002-0108)
Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI?
Summary
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "allaire-forums-message-spoofing(7841)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/575619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0108",
"datePublished": "2002-03-15T05:00:00",
"dateReserved": "2002-03-15T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0800 (GCVE-0-1999-0800)
Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
VLAI?
Summary
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0800",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0297 (GCVE-0-2000-0297)
Vulnerability from nvd – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI?
Summary
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"refsource": "ALLAIRE",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0297",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}