Unrated severityNVD Advisory· Published Dec 31, 2000· Updated Apr 16, 2026

CVE-2000-1229

Description

Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.

Affected products

Phorum/Phorum
cpe:2.3:a:phorum:phorum:3.0.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.htmlnvdExploitPatchVendor Advisory
hispahack.ccc.de/mi020.htmlnvd
www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htmnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000