Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2200

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-2200
Last Modified 10 Sep 2008 03:16:46
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2200

Summary

Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php.

Vulnerable Systems

Application

  • Benjamin Lefevre Dobermann Forum 0.1

  • Benjamin Lefevre Dobermann Forum 0.2

  • Benjamin Lefevre Dobermann Forum 0.3

  • Benjamin Lefevre Dobermann Forum 0.4

  • Benjamin Lefevre Dobermann Forum 0.5


References

BID - 6057

XF - dobermann-php-file-include(10492)

BUGTRAQ - 20021027 dobermann FORUM (php)


Last Updated: 27 May 2016 10:37:38