The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
6.6AI Score
0.02EPSS
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
7.2AI Score
0.003EPSS
Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1 allows remote authenticated users to spoof messages as other users by modifying the hidden form fields for the name and e-mail address.
6.3AI Score
0.015EPSS
Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter to index.php.
6.9AI Score
0.003EPSS