Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
CVSS Score
7.5
EPSS Score
0.008
Published
2002-03-25
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
CVSS Score
5.0
EPSS Score
0.07
Published
2001-03-12
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
CVSS Score
6.4
EPSS Score
0.004
Published
2000-04-03