CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-1373

Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://archives.neohapsis.com/archives/bugtraq/2003-02/0245.html
http://www.securityfocus.com/bid/6889
https://exchange.xforce.ibmcloud.com/vulnerabilities/11407
http://archives.neohapsis.com/archives/bugtraq/2003-02/0245.html
http://www.securityfocus.com/bid/6889
https://exchange.xforce.ibmcloud.com/vulnerabilities/11407

Products affected by CVE-2003-1373

Phpbb Group » Phpbb » Version: 1.4.0

cpe:2.3:a:phpbb_group:phpbb:1.4.0
Phpbb Group » Phpbb » Version: 1.4.1

cpe:2.3:a:phpbb_group:phpbb:1.4.1
Phpbb Group » Phpbb » Version: 1.4.2

cpe:2.3:a:phpbb_group:phpbb:1.4.2
Phpbb Group » Phpbb » Version: 1.4.4

cpe:2.3:a:phpbb_group:phpbb:1.4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1373

Products

Pricing

Contact Us