COMMAND

	Allair forums allows impersonation of other users

SYSTEMS AFFECTED

	All ?

PROBLEM

	\"Kernel     jeian\"     and      \"Executive      Officer\"      posted
	[http://www.exploitresearch.net] :
	

	Allaire forums use a  HIDDEN  tag  to  determine  the  name  and  e-mail
	address of the author. By saving  the  file  to  disk  and  editing  the
	HIDDEN fields before posting, it  is  possible  to  impersonate  another
	user.

SOLUTION

	The product is discontinued ??