CVE-2005-0345

Name of the Vulnerable Software and Affected Versions php-fusion versions 4.x

Description The issue concerns the viewthread.php file in php-fusion, which fails to check the forum id or forum cat parameters. This allows remote attackers to view protected forums by manipulating the thread id parameter.

Recommendations For php-fusion version 4.x, as a temporary workaround, consider restricting access to the viewthread.php file until a patch is available. Additionally, avoid using the forum id and forum cat parameters in the affected API endpoint until the issue is resolved.