Back to search
CVE-2004-2243
Published: Jul 17, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected version was reported to be 4.3.7, but this may be erroneous.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
phorum-session-hijack(16215)
vdb-entry
x_refsource_XF
20040519 Ph0rum phorum_uriauth replay attack
mailing-list
x_refsource_FULLDISC
1010219
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now