CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1707

install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are set to "on", allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_dir parameter to reference a URL on a remote web server that contains the code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://online.securityfocus.com/archive/1/277318
http://www.securityfocus.com/bid/5038
https://exchange.xforce.ibmcloud.com/vulnerabilities/9370
http://online.securityfocus.com/archive/1/277318
http://www.securityfocus.com/bid/5038
https://exchange.xforce.ibmcloud.com/vulnerabilities/9370

Products affected by CVE-2002-1707

Phpbb Group » Phpbb » Version: 2.0.0

cpe:2.3:a:phpbb_group:phpbb:2.0.0
Phpbb Group » Phpbb » Version: 2.0.1

cpe:2.3:a:phpbb_group:phpbb:2.0.1
Phpbb Group » Phpbb » Version: 2.0_rc1

cpe:2.3:a:phpbb_group:phpbb:2.0_rc1
Phpbb Group » Phpbb » Version: 2.0_rc2

cpe:2.3:a:phpbb_group:phpbb:2.0_rc2
Phpbb Group » Phpbb » Version: 2.0_rc3

cpe:2.3:a:phpbb_group:phpbb:2.0_rc3
Phpbb Group » Phpbb » Version: 2.0_rc4

cpe:2.3:a:phpbb_group:phpbb:2.0_rc4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1707

Products

Pricing

Contact Us