CVE-2002-2398

Description

The new thread posting page in APBoard 2.02 and 2.03 allows remote attackers to post messages to protected forums by modifying the insertinto parameter.

Affected products

• app / apboard2.02 – 2.02
• app / apboard2.03 – 2.03

References

• MISChttp://online.securityfocus.com/archive/1/299536
• MISChttp://www.securityfocus.com/bid/6167
• MISChttp://www.iss.net/security_center/static/10611.php
• MISChttp://securityreason.com/securityalert/3332