Vulnerabilities > CVE-2003-1148 - Unspecified vulnerability in LES Visiteurs LES Visiteurs 2.0.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

les-visiteurs

nessus

exploit available

NVD

Published: 2003-10-25

Updated: 2024-11-20

Summary

Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/.

Vulnerable Configurations

Part	Description	Count
Application	Les_Visiteurs LES Visiteurs LES Visiteurs 2.0.1	1

Exploit-Db

description	Les Visiteurs 2.0 Remote File Include. CVE-2003-1148. Webapps exploit for php platform
id	EDB-ID:23302
last seen	2016-02-02
modified	2003-10-27
published	2003-10-27
reporter	Matthieu Peschaud
source	https://www.exploit-db.com/download/23302/
title	Les Visiteurs 2.0 - Remote File Include

Nessus

NASL family	CGI abuses
NASL id	LES_VISITEURS.NASL
description	The remote
last seen	2020-06-01
modified	2020-06-02
plugin id	11911
published	2003-10-27
reporter	This script is Copyright (C) 2003-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/11911
title	Les Visiteurs Multiple Remote File Inclusion

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References