header-logo
Suggest Exploit
vendor:
APBoard
by:
SecurityFocus
8.8
CVSS
HIGH
Unauthorized Access
284
CWE
Product Name: APBoard
Affected Version From: 1
Affected Version To: 1.2
Patch Exists: YES
Related CWE: CVE-2003-0753
CPE: a:apboard:apboard
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2003

A vulnerability has been reported for APBoard

APBoard is vulnerable to an unauthorized access vulnerability due to the 'useraction.php' script failing to properly check user credentials. This allows an attacker to access private threads by manipulating the 'threadid' parameter in the URL.

Mitigation:

Upgrade to the latest version of APBoard.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6330/info

A vulnerability has been reported for APBoard that may allow unauthorized users to read postings in internal forums. The vulnerability is a result of the 'useraction.php' script failing to properly check user credentials.

www.board.de/useraction.php3?action=subscribe_thread&threadid=<private thread id>

Navigation

Suggest Exploit

Services By CQR