Vulnerability Details CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0383.html
- http://secunia.com/advisories/16414
- http://secunia.com/advisories/17643
- http://www.debian.org/security/2005/dsa-798
- http://www.debian.org/security/2005/dsa-899
- http://www.securityfocus.com/bid/14556
- http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0383.html
- http://secunia.com/advisories/16414
- http://secunia.com/advisories/17643
- http://www.debian.org/security/2005/dsa-798
- http://www.debian.org/security/2005/dsa-899
- http://www.securityfocus.com/bid/14556
Products affected by CVE-2005-2600
-
cpe:2.3:a:ilia_alshanetsky:fudforum:2.6.15