Summary
This host is running Phorum and is prone to cross-site scripting and cross-site request forgery vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary code in the context of an application.
Impact Level: Application
Solution
Upgrade Phorum to 5.2.16 or later,
For updates refer to http://www.phorum.org/downloads.php
Insight
The flaws are due to unspecified errors in the application.
Affected
Phorum version prior to 5.2.16
References
Severity
Classification
-
CVE CVE-2011-3381, CVE-2011-3382 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
- Apache Tomcat Multiple Vulnerabilities June-09
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability