CVE-2005-0843

Name of the Vulnerable Software and Affected Versions Phorum version 5.0.14a

Description The issue concerns a CRLF injection vulnerability in the search.php file. This vulnerability allows remote attackers to perform HTTP Response Splitting attacks by manipulating the body parameter, which is then included in the resulting Location header.

Recommendations For Phorum version 5.0.14a, consider restricting access to the search.php file or the body parameter to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the body parameter in the search.php file.