Vulnerabilities > CVE-2002-1481 - Unspecified vulnerability in PHPgb 1.10/1.20
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | phpGB 1.1/1.2 PHP Code Injection Vulnerability. CVE-2002-1481. Webapps exploit for php platform |
id | EDB-ID:21783 |
last seen | 2016-02-02 |
modified | 2002-09-09 |
published | 2002-09-09 |
reporter | ppp-design |
source | https://www.exploit-db.com/download/21783/ |
title | phpGB 1.1/1.2 PHP Code Injection Vulnerability |