Описание
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.
EPSS
Процентиль: 68%
0.00579
Низкий
CVE ID
Связанные уязвимости
nvd
около 23 лет назад
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.
EPSS
Процентиль: 68%
0.00579
Низкий