CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-0527

DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.1%

CVSS Severity

CVSS v2 Score 10.0

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/0122.html
http://www.dcscripts.com/dcforum/dcfNews/167.html
http://www.osvdb.org/480
http://www.securityfocus.com/bid/2728
https://exchange.xforce.ibmcloud.com/vulnerabilities/6538
http://archives.neohapsis.com/archives/bugtraq/2001-05/0122.html
http://www.dcscripts.com/dcforum/dcfNews/167.html
http://www.osvdb.org/480
http://www.securityfocus.com/bid/2728
https://exchange.xforce.ibmcloud.com/vulnerabilities/6538

Products affected by CVE-2001-0527

Dcscripts » Dcforum » Version: 6.0

cpe:2.3:a:dcscripts:dcforum:6.0
Dcscripts » Dcforum 2000 » Version: 1.0

cpe:2.3:a:dcscripts:dcforum_2000:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-0527

Products

Pricing

Contact Us