Webmaster

**Name of the Vulnerable Software and Affected Versions** Phorum versions 3.4 through 3.4.2 **Description** A directory traversal issue in the download.php file allows remote attackers to read arbitrary files. **Recommendations** For Phorum versions 3.4 through 3.4.2, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Phorum versions 3.4 through 3.4.2 **Description** The issue allows remote attackers to use Phorum as a connection proxy to other sites. This can be achieved via the "register.php" or "login.php" API endpoints. **Recommendations** For Phorum versions 3.4 through 3.4.2, consider restricting access to the `register.php` and `login.php` endpoints until a patch is available. As a temporary workaround, disabling these endpoints can help minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Phorum versions prior to 3.4.3 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in several PHP files, including login.php, register.php, post.php, and common.php. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML, although the specific attack vectors are not detailed. **Recommendations** For versions prior to 3.4.3, update to version 3.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected PHP files until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** Phorum versions 3.4 through 3.4.2 **Description** The issue allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to various API endpoints, including "smileys.php", "quick listrss.php", "purge.php", "news.php", "memberlist.php", "forum listrss.php", "forum list rdf.php", "forum list.php", or "move.php". This occurs because these endpoints leak the information in an error message. **Recommendations** For Phorum versions 3.4 through 3.4.2, consider restricting access to the mentioned API endpoints until a patch is available. As a temporary workaround, disabling the execution of these scripts can help minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Phorum versions 3.4 through 3.4.2 **Description** The issue allows remote attackers to execute arbitrary commands and modify configuration files. This can be achieved via the UserAdmin program, Edit user profile, or stats program. **Recommendations** For Phorum versions 3.4 through 3.4.2, consider disabling the UserAdmin program, Edit user profile, and stats program until a patch is available to prevent command injection attacks. Restrict access to these components to minimize the risk of exploitation.