SQL Injection Vulnerability in Phorum 5.0.12 and Earlier: Remote Code Execution via follow.php

SQL Injection Vulnerability in Phorum 5.0.12 and Earlier: Remote Code Execution via follow.php

CVE-2004-1518 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter.

Learn more about our User Device Pen Test.