Vulnerabilities > CVE-2001-0527 - Remote Admin Privilege Compromise vulnerability in Dcforum 2000

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

dcscripts

critical

exploit available

NVD

Published: 2001-08-14

Updated: 2017-10-10

Summary

DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.

Vulnerable Configurations

Part	Description	Count
Application	Dcscripts Dcscripts Dcforum 6.0 Dcscripts Dcforum 2000 1.0	2

Exploit-Db

description	DCForum 6.0 Remote Admin Privilege Compromise Vulnerability. CVE-2001-0527. Remote exploit for cgi platform
id	EDB-ID:20849
last seen	2016-02-02
modified	2001-05-08
published	2001-05-08
reporter	Franklin DeMatto
source	https://www.exploit-db.com/download/20849/
title	DCForum 6.0 - Remote Admin Privilege Compromise Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References