mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
0.51%
Published
2003-08-18
Updated
2016-10-18
1 vulnerabilities found