CVE-2003-1373

2003-12-31T00:00:00
ID CVE-2003-1373
Type cve
Reporter NVD
Modified 2017-07-28T21:29:08

Description

Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.