Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0320


Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0320
Last Modified 05 Sep 2008 04:34:02
Published 09 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse script.

Vulnerable Systems


  • Andy Prevost Ttcms 2.3


BUGTRAQ - 20030517 Remote code execution in ttCMS <=v2.3

Last Updated: 27 May 2016 10:37:52