CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1481

HIGH
7.5
CVSS Severity Score
EPSS Score0.2000%
EPSS Percentile22.68th
Published2003年4月22日
Last Modified2026年4月16日

Vulnerability Description

savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.

Affected Platforms (CPE)

📦
Phpgb

Phpgb

= 1.10
📦
Phpgb

Phpgb

= 1.20

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
🔗 http://www.iss.net/security_center/static/10065.php
🔗 http://www.securityfocus.com/bid/5679
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
🔗 http://www.iss.net/security_center/static/10065.php
🔗 http://www.securityfocus.com/bid/5679

関連する脆弱性情報

CVE-2002-148210.0

SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers...

CVE-2002-14806.8

Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into gues...

CVE-2002-001210.0

Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges v...

CVE-2002-001310.0

Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial ...