Search
Find a vulnerability
Search criteria
6 vulnerabilities found for forums by allaire
CVE-2002-0108 (GCVE-0-2002-0108)
Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI
Summary
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/7841.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/archive/1/249026 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/3827 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/575619 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2002-01-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "allaire-forums-message-spoofing(7841)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/575619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0108",
"datePublished": "2002-03-15T05:00:00.000Z",
"dateReserved": "2002-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0800 (GCVE-0-1999-0800)
Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
VLAI
Summary
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/ntbugtraq/… | mailing-listx_refsource_NTBUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.allaire.com/handlers/index.cfm?ID=9602… | vendor-advisoryx_refsource_ALLAIRE |
| http://www.osvdb.org/944 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0800",
"datePublished": "2001-05-07T04:00:00.000Z",
"dateReserved": "1999-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-01T16:48:38.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0297 (GCVE-0-2000-0297)
Vulnerability from nvd – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI
Summary
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/1085 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/1270 | vdb-entryx_refsource_OSVDB |
| http://www2.allaire.com/handlers/index.cfm?ID=150… | vendor-advisoryx_refsource_ALLAIRE |
Date Public
2000-04-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"refsource": "ALLAIRE",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0297",
"datePublished": "2000-07-12T04:00:00.000Z",
"dateReserved": "2000-04-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:14:20.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0108 (GCVE-0-2002-0108)
Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
VLAI
Summary
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.iss.net/security_center/static/7841.php | vdb-entryx_refsource_XF |
| http://online.securityfocus.com/archive/1/249026 | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/3827 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/575619 | third-party-advisoryx_refsource_CERT-VN |
Date Public
2002-01-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-03-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "allaire-forums-message-spoofing(7841)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/575619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "allaire-forums-message-spoofing(7841)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7841.php"
},
{
"name": "20020108 Allaire Forums Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/249026"
},
{
"name": "3827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3827"
},
{
"name": "VU#575619",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/575619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0108",
"datePublished": "2002-03-15T05:00:00.000Z",
"dateReserved": "2002-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:35:17.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0800 (GCVE-0-1999-0800)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
VLAI
Summary
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/ntbugtraq/… | mailing-listx_refsource_NTBUGTRAQ |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.allaire.com/handlers/index.cfm?ID=9602… | vendor-advisoryx_refsource_ALLAIRE |
| http://www.osvdb.org/944 | vdb-entryx_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
},
{
"name": "allaire-forums-file-read(1748)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
},
{
"name": "ASB99-05",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
},
{
"name": "944",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0800",
"datePublished": "2001-05-07T04:00:00.000Z",
"dateReserved": "1999-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-01T16:48:38.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0297 (GCVE-0-2000-0297)
Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
VLAI
Summary
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/1085 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/1270 | vdb-entryx_refsource_OSVDB |
| http://www2.allaire.com/handlers/index.cfm?ID=150… | vendor-advisoryx_refsource_ALLAIRE |
Date Public
2000-04-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE",
"x_transferred"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"tags": [
"vendor-advisory",
"x_refsource_ALLAIRE"
],
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0297",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1085"
},
{
"name": "1270",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1270"
},
{
"name": "ASB00-06",
"refsource": "ALLAIRE",
"url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0297",
"datePublished": "2000-07-12T04:00:00.000Z",
"dateReserved": "2000-04-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:14:20.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}