https://www.exploit-db.com/exploits/23820
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200403-055

Phorum3.1到5.0.3测试版存在多个跨站脚本漏洞。远程攻击者借助（1）login.php的HTTP_REFERER参数，（2）register.php的HTTP_REFERER参数，或（3）profile.php的target参数注入任意web脚本或HTML。

source: http://www.securityfocus.com/bid/9882/info
  
It has been reported that Phorum is prone to a cross-site scripting vulnerability across multiple modules. The issue presents itself across multiple modules including 'login.php', 'register.php', and 'profile.php'. These modules employ two hidden variables named 'f' and 'target', which are passed user-supplied input values from HTTP_REFERER without proper sanitization.
  
Phorum versions 5.0.3 Beta and prior are reported to be vulnerable to this issue.

profile.php?id=2&action=edit&target=[XSS]

来源:BID
名称:9882
链接:http://www.securityfocus.com/bid/9882
来源:SECUNIA
名称:11157
链接:http://secunia.com/advisories/11157
来源:XF
名称:phorum-register-xss(15494)
链接:http://xforce.iss.net/xforce/xfdb/15494
来源:phorum.org
链接:http://phorum.org/changelog.txt
来源:BUGTRAQ
名称:20040315Phorum5.0.3Beta&&EarlierXSSIssues;
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=107939479713136&w;=2
来源:OSVDB
名称:4335
链接:http://www.osvdb.org/4335
来源:OSVDB
名称:4334
链接:http://www.osvdb.org/4334
来源:OSVDB
名称:4333
链接:http://www.osvdb.org/4333
来源:SECTRACK
名称:1009433
链接:http://securitytracker.com/id?1009433