Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1482

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-1482
Last Modified 05 Sep 2008 04:30:43
Published 22 Apr 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1482

Summary

SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.

Vulnerable Systems

Application

  • Phpgb 1.10

  • Phpgb 1.20

  • Phpgb 1.30


References

BID - 5673

XF - phpgb-login-sql-injection(10068)

BUGTRAQ - 20020909 phpGB: DoS and executing_arbitrary_commands


Last Updated: 27 May 2016 10:37:21