CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1482

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0710%
EPSS Percentile16.92th
Published2003年4月22日
Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.

Affected Platforms (CPE)

📦
Phpgb

Phpgb

= 1.10
📦
Phpgb

Phpgb

= 1.20
📦
Phpgb

Phpgb

= 1.30

References & Advisories

🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
🔗 http://www.iss.net/security_center/static/10068.php
🔗 http://www.securityfocus.com/bid/5673
🔗 http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.html
🔗 http://www.iss.net/security_center/static/10068.php
🔗 http://www.securityfocus.com/bid/5673

関連する脆弱性情報

CVE-2002-14817.5

savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of ser...

CVE-2002-14806.8

Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into gues...

CVE-2002-136910.0

jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing...

CVE-2002-039410.0

Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force ...