CVE-2003-1466

Name of the Vulnerable Software and Affected Versions Phorum versions 3.4 through 3.4.2

Description The issue allows remote attackers to use Phorum as a connection proxy to other sites. This can be achieved via the "register.php" or "login.php" API endpoints.

Recommendations For Phorum versions 3.4 through 3.4.2, consider restricting access to the register.php and login.php endpoints until a patch is available. As a temporary workaround, disabling these endpoints can help minimize the risk of exploitation.