Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1244

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1244
Last Modified 05 Sep 2008 04:36:25
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1244

Summary

SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.

Vulnerable Systems

Application

  • Phpbb Group Phpbb 2.0.0

  • Phpbb Group Phpbb 2.0.1

  • Phpbb Group Phpbb 2.0.2


References

BID - 6888

XF - phpbb-pageheader-sql-injection(11376)

BUGTRAQ - 20030220 phpBB Security Bugs


Last Updated: 27 May 2016 10:38:17