Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for forums by allaire

    CVE-2002-0108 (GCVE-0-2002-0108)

    Vulnerability from nvd – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.iss.net/security_center/static/7841.php vdb-entryx_refsource_XF
    http://online.securityfocus.com/archive/1/249026 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3827 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/575619 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2002-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:17.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "allaire-forums-message-spoofing(7841)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/7841.php"
              },
              {
                "name": "20020108 Allaire Forums Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/249026"
              },
              {
                "name": "3827",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3827"
              },
              {
                "name": "VU#575619",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/575619"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-03-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "allaire-forums-message-spoofing(7841)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/7841.php"
            },
            {
              "name": "20020108 Allaire Forums Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/249026"
            },
            {
              "name": "3827",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3827"
            },
            {
              "name": "VU#575619",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/575619"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0108",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "allaire-forums-message-spoofing(7841)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/7841.php"
                },
                {
                  "name": "20020108 Allaire Forums Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/249026"
                },
                {
                  "name": "3827",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3827"
                },
                {
                  "name": "VU#575619",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/575619"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0108",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:17.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0800 (GCVE-0-1999-0800)

    Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
    VLAI
    Summary
    The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/ntbugtraq/… mailing-listx_refsource_NTBUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.allaire.com/handlers/index.cfm?ID=9602… vendor-advisoryx_refsource_ALLAIRE
    http://www.osvdb.org/944 vdb-entryx_refsource_OSVDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:48:38.137Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
              },
              {
                "name": "allaire-forums-file-read(1748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
              },
              {
                "name": "ASB99-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ALLAIRE",
                  "x_transferred"
                ],
                "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
              },
              {
                "name": "944",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/944"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
            },
            {
              "name": "allaire-forums-file-read(1748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
            },
            {
              "name": "ASB99-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_ALLAIRE"
              ],
              "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
            },
            {
              "name": "944",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/944"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0800",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
                },
                {
                  "name": "allaire-forums-file-read(1748)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
                },
                {
                  "name": "ASB99-05",
                  "refsource": "ALLAIRE",
                  "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
                },
                {
                  "name": "944",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/944"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0800",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "1999-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:48:38.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0297 (GCVE-0-2000-0297)

    Vulnerability from nvd – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
    VLAI
    Summary
    Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1085 vdb-entryx_refsource_BID
    http://www.osvdb.org/1270 vdb-entryx_refsource_OSVDB
    http://www2.allaire.com/handlers/index.cfm?ID=150… vendor-advisoryx_refsource_ALLAIRE
    Date Public
    2000-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:14:20.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1085"
              },
              {
                "name": "1270",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1270"
              },
              {
                "name": "ASB00-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ALLAIRE",
                  "x_transferred"
                ],
                "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1085"
            },
            {
              "name": "1270",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1270"
            },
            {
              "name": "ASB00-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_ALLAIRE"
              ],
              "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0297",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1085"
                },
                {
                  "name": "1270",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1270"
                },
                {
                  "name": "ASB00-06",
                  "refsource": "ALLAIRE",
                  "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0297",
        "datePublished": "2000-07-12T04:00:00.000Z",
        "dateReserved": "2000-04-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:14:20.613Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0108 (GCVE-0-2002-0108)

    Vulnerability from cvelistv5 – Published: 2002-03-15 05:00 – Updated: 2024-08-08 02:35
    VLAI
    Summary
    Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.iss.net/security_center/static/7841.php vdb-entryx_refsource_XF
    http://online.securityfocus.com/archive/1/249026 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/3827 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/575619 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2002-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:35:17.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "allaire-forums-message-spoofing(7841)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/7841.php"
              },
              {
                "name": "20020108 Allaire Forums Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/249026"
              },
              {
                "name": "3827",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/3827"
              },
              {
                "name": "VU#575619",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/575619"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-03-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "allaire-forums-message-spoofing(7841)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/7841.php"
            },
            {
              "name": "20020108 Allaire Forums Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/249026"
            },
            {
              "name": "3827",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/3827"
            },
            {
              "name": "VU#575619",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/575619"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0108",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "allaire-forums-message-spoofing(7841)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/7841.php"
                },
                {
                  "name": "20020108 Allaire Forums Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/249026"
                },
                {
                  "name": "3827",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/3827"
                },
                {
                  "name": "VU#575619",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/575619"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0108",
        "datePublished": "2002-03-15T05:00:00.000Z",
        "dateReserved": "2002-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:35:17.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0800 (GCVE-0-1999-0800)

    Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
    VLAI
    Summary
    The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/ntbugtraq/… mailing-listx_refsource_NTBUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.allaire.com/handlers/index.cfm?ID=9602… vendor-advisoryx_refsource_ALLAIRE
    http://www.osvdb.org/944 vdb-entryx_refsource_OSVDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:48:38.137Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
              },
              {
                "name": "allaire-forums-file-read(1748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
              },
              {
                "name": "ASB99-05",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ALLAIRE",
                  "x_transferred"
                ],
                "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
              },
              {
                "name": "944",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/944"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
            },
            {
              "name": "allaire-forums-file-read(1748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
            },
            {
              "name": "ASB99-05",
              "tags": [
                "vendor-advisory",
                "x_refsource_ALLAIRE"
              ],
              "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
            },
            {
              "name": "944",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/944"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0800",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990211 ACFUG List: Alert: Allaire Forums GetFile bug",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html"
                },
                {
                  "name": "allaire-forums-file-read(1748)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1748"
                },
                {
                  "name": "ASB99-05",
                  "refsource": "ALLAIRE",
                  "url": "http://www.allaire.com/handlers/index.cfm?ID=9602\u0026Method=Full"
                },
                {
                  "name": "944",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/944"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0800",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "1999-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:48:38.137Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0297 (GCVE-0-2000-0297)

    Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
    VLAI
    Summary
    Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/1085 vdb-entryx_refsource_BID
    http://www.osvdb.org/1270 vdb-entryx_refsource_OSVDB
    http://www2.allaire.com/handlers/index.cfm?ID=150… vendor-advisoryx_refsource_ALLAIRE
    Date Public
    2000-04-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:14:20.613Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1085"
              },
              {
                "name": "1270",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1270"
              },
              {
                "name": "ASB00-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_ALLAIRE",
                  "x_transferred"
                ],
                "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-04-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2004-09-02T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1085"
            },
            {
              "name": "1270",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1270"
            },
            {
              "name": "ASB00-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_ALLAIRE"
              ],
              "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0297",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1085"
                },
                {
                  "name": "1270",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1270"
                },
                {
                  "name": "ASB00-06",
                  "refsource": "ALLAIRE",
                  "url": "http://www2.allaire.com/handlers/index.cfm?ID=15099\u0026Method=Full"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0297",
        "datePublished": "2000-07-12T04:00:00.000Z",
        "dateReserved": "2000-04-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:14:20.613Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }