Vulnerabilities > CVE-2001-0527 - Unspecified vulnerability in Dcscripts Dcforum and Dcforum 2000
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN dcscripts
exploit available
Summary
DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | DCForum 6.0 Remote Admin Privilege Compromise Vulnerability. CVE-2001-0527. Remote exploit for cgi platform |
| id | EDB-ID:20849 |
| last seen | 2016-02-02 |
| modified | 2001-05-08 |
| published | 2001-05-08 |
| reporter | Franklin DeMatto |
| source | https://www.exploit-db.com/download/20849/ |
| title | DCForum 6.0 - Remote Admin Privilege Compromise Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0122.html
- http://archives.neohapsis.com/archives/bugtraq/2001-05/0122.html
- http://www.dcscripts.com/dcforum/dcfNews/167.html
- http://www.dcscripts.com/dcforum/dcfNews/167.html
- http://www.osvdb.org/480
- http://www.osvdb.org/480
- http://www.securityfocus.com/bid/2728
- http://www.securityfocus.com/bid/2728
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6538
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6538