Lucene search
K

150 matches found

Cvelist
Cvelist
added 2003/03/18 5:0 a.m.22 views

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters...

6.7AI score0.0661EPSS
Exploits1References4
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.17 views

CVE-2002-1423

tmpview.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter...

6.7AI score0.03452EPSS
Exploits1References4
CVE
CVE
added 2003/03/18 5:0 a.m.43 views

CVE-2002-1422

The CVE-2002-1422 issue affects FUDforum prior to 2.2.0. Vulnerable component: admbrowse.php. Root cause: the cur and dest parameters allow URL-encoded pathnames to be used in a way that enables remote attackers to create or delete files. Impact: file creation/deletion via the web interface, with...

5CVSS7.1AI score0.0661EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2003/03/18 5:0 a.m.42 views

CVE-2002-1423

The CVE-2002-1423 issue concerns FUDforum, where tmp_view.php before version 2.2.0 allows remote attackers to read arbitrary files through an absolute pathname supplied in the file parameter. The underlying vulnerability is a path traversal/unsafe file inclusion in the tmp_view.php handler, enabl...

5CVSS7.1AI score0.03452EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.19 views

CVE-2002-1421

SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via 1 report.php, 2 selmsg.php, and 3 showposts.php...

7.8AI score0.02129EPSS
Exploits1References4
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.46 views

FUDforum file access and SQL Injection

FUDforum file access and SQL Injection PROGRAM: FUDforum VENDOR: Advanced Internet Designs Inc. [email protected] HOMEPAGE: http://fud.prohost.org/ VULNERABLE VERSIONS: 2.0.2, possibly others IMMUNE VERSIONS: 2.2.0 and above LOGIN REQUIRED: no some issues, admin some issues SEVERITY: medium...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.30 views

Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 - File Disclosure

source: https://www.securityfocus.com/bid/5501/info Reportedly, FUDForum may disclose contents of arbitrary files to attackers. The vulnerability is the result of FUDForum failing to check the path of the file that is being requested. By simply making malicious requests via URI parameters, an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.29 views

Ilia Alshanetsky FUDForum 1.2.8/1.9.8/2.0.2 - File Modification

source: https://www.securityfocus.com/bid/5502/info Reportedly, it is possible for an administrator to manipulate create, modify etc. files outside of the FUDForum directories. This vulnerability is present in the 'adm/admbrowse.php' script. The vulnerability is the result of FUDForum allowing...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.22 views

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Modification

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Modification source: https://www.securityfocus.com/bid/5502/info Reportedly, it is possible for an administrator to manipulate create, modify etc. files outside of the FUDForum directories. This vulnerability is present in the 'adm/admbrowse.php'...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.18 views

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Disclosure

Ilia Alshanetsky FUDForum 1.2.81.9.82.0.2 - File Disclosure source: https://www.securityfocus.com/bid/5501/info Reportedly, FUDForum may disclose contents of arbitrary files to attackers. The vulnerability is the result of FUDForum failing to check the path of the file that is being requested. By...

0.3AI score
Exploits0
Rows per page
Query Builder