CyberSec.Space Logo
Back to CVE Browser

CVE-2000-1233

HIGH
7.5
CVSS Severity Score
EPSS Score0.0690%
EPSS Percentile42.62th
PublishedDec 31, 2000
Last ModifiedApr 16, 2026

Vulnerability Description

SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.

Affected Platforms (CPE)

πŸ“¦
Phorum

Phorum

= 3.0.7

References & Advisories

πŸ”— http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
πŸ”— http://hispahack.ccc.de/mi020.html
πŸ”— http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm
πŸ”— http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html
πŸ”— http://hispahack.ccc.de/mi020.html
πŸ”— http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm

Related Vulnerabilities

CVE-2003-148710.0

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and ...

CVE-2003-14667.5

Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites v...

CVE-2002-07647.5

Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) d...

CVE-2004-00357.5

SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands...