Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0320

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0320
Last Modified 05 Sep 2008 04:34:02
Published 09 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0320

Summary

header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script.

Vulnerable Systems

Application

  • Andy Prevost Ttcms 2.3


References

BUGTRAQ - 20030517 Remote code execution in ttCMS <=v2.3


Last Updated: 27 May 2016 10:37:52