Vulnerabilities > CVE-2002-1481 - Unspecified vulnerability in PHPgb 1.10/1.20
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpgb
exploit available
Summary
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | phpGB 1.1/1.2 PHP Code Injection Vulnerability. CVE-2002-1481. Webapps exploit for php platform |
| id | EDB-ID:21783 |
| last seen | 2016-02-02 |
| modified | 2002-09-09 |
| published | 2002-09-09 |
| reporter | ppp-design |
| source | https://www.exploit-db.com/download/21783/ |
| title | phpGB 1.1/1.2 PHP Code Injection Vulnerability |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
- http://www.iss.net/security_center/static/10065.php
- http://www.iss.net/security_center/static/10065.php
- http://www.securityfocus.com/bid/5679
- http://www.securityfocus.com/bid/5679