2 matches found
CVE-2002-0287
The vulnerability affects Powie PHP Forum versions prior to 1.15. The root cause is that PHP magic_quotes is not explicitly enabled by default, enabling an attacker to bypass authentication and gain administrator privileges via an SQL injection when the PHP server is not configured to use magic q...
CVE-2002-0287
pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default...