CVE-2002-1481

2003-03-1805:00:00

mitre

www.cve.org

AI Score

7.7

Confidence

High

EPSS

0.015

Percentile

86.8%

JSON

savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.

References

archives.neohapsis.com/archives/bugtraq/2002-09/0076.html

www.iss.net/security_center/static/10065.php

www.securityfocus.com/bid/5679