Ilia Alshanetsky : Security vulnerabilities, CVEs published in 2003

Copy

CVE-2002-1423

tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolute pathname in the file parameter.

Max CVSS

5.0

EPSS Score

1.91%

Published

2003-04-11

Updated

2008-09-05

CVE-2002-1422

admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.

Max CVSS

5.0

EPSS Score

2.14%

Published

2003-04-11

Updated

2008-09-05

CVE-2002-1421

SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via (1) report.php, (2) selmsg.php, and (3) showposts.php.

Max CVSS

7.5

EPSS Score

0.22%

Published

2003-04-11

Updated

2008-09-05

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!