Vulnerabilities > Phpgb > Phpgb > 1.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-04-22 | CVE-2002-1482 | SQL Injection vulnerability in PHPgb 1.10/1.20/1.30 SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry. | 10.0 |
2003-04-22 | CVE-2002-1481 | Unspecified vulnerability in PHPgb 1.10/1.20 savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php. | 7.5 |