← CVECheck
HomeVulnerabilities

CVE-2003-1486 — MEDIUM severity vulnerability (Phorum 3.4 through 3.4.2 allows remote attackers to obtain t)

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the informa

CVE IDCVE-2003-1486
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:P/A:N
CWECWE-200
StatusModified
Published2003-12-31
Last modified2026-04-16
DescriptionPhorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →