Vulnerabilities > CVE-2003-0559 - Remote Security vulnerability in PHPforum 2.0Rc1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

phpforum

NVD

Published: 2003-08-18

Updated: 2016-10-18

Summary

mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.

Vulnerable Configurations

Part	Description	Count
Application	Phpforum Phpforum Phpforum 2.0_Rc1	1

References

http://marc.info/?l=bugtraq&m=105787021803729&w=2