2 matches found
CVE-2003-1406
The CVE covers a PHP remote file inclusion in D-Forum 1.00 through 1.11. Vulnerable components are the header.php3 and footer.php3 scripts, exploitable via the my_header or my_footer parameters to inject a URL and execute arbitrary PHP code on the server. This results in potential remote code exe...
CVE-2003-1406
PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the 1 myheader parameter to header.php3 or 2 myfooter parameter to footer.php3...