CVE-2000-1228 — MEDIUM severity vulnerability (Phorum 3.0.7 allows remote attackers to change the administr)
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
| CVE ID | CVE-2000-1228 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 5.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2000-12-31 |
| Last modified | 2026-04-16 |
| Description | Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →