Vulnerabilities > CVE-2004-1573

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

aj-fork

cutephp

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.

Vulnerable Configurations

Part	Description	Count
Application	Aj-Fork AJ Fork AJ Fork 167	1
Application	Cutephp Cutephp Cutenews 1.3.6 Cutephp Cutenews 1.3.2 Cutephp Cutenews 0.88 Cutephp Cutenews 1.3 Cutephp Cutenews 1.3.1	5

References

http://echo.or.id/adv/adv07-y3dips-2004.txt
http://echo.or.id/adv/adv07-y3dips-2004.txt
http://marc.info/?l=bugtraq&m=109664986210763&w=2
http://marc.info/?l=bugtraq&m=109664986210763&w=2
http://securitytracker.com/id?1011484
http://securitytracker.com/id?1011484
http://www.securityfocus.com/bid/11301
http://www.securityfocus.com/bid/11301
https://exchange.xforce.ibmcloud.com/vulnerabilities/17571
https://exchange.xforce.ibmcloud.com/vulnerabilities/17571

Vulnerabilities > CVE-2004-1573 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2004-1573"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2004-1573