Lucene search

[email protected]CVE-2003-1459

HistoryOct 23, 2007 - 1:00 a.m.

CVE-2003-1459

2007-10-2301:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2003-1459

php

remote file inclusion

ttcms

ttforum

vulnerability

arbitrary code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.022 Low

EPSS

Percentile

89.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php.

Affected configurations

NVD

Node

ttcmsttcmsMatch2.2

ttcmsttforumMatch1.1

CPENameOperatorVersion
ttcms:ttcmsttcmseq2.2
ttcms:ttforumttcms ttforumeq1.1

CPE	Name	Operator	Version
ttcms:ttcms	ttcms	eq	2.2
ttcms:ttforum	ttcms ttforum	eq	1.1

References

securityreason.com/securityalert/3278

www.securityfocus.com/archive/1/321000

www.securityfocus.com/bid/7542

exchange.xforce.ibmcloud.com/vulnerabilities/12271

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.022 Low

EPSS

Percentile

89.5%

JSON

Related for CVE-2003-1459

nvd1 cvelist1 nessus2