Vulnerability Details CVE-2003-1487
Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.076
EPSS Ranking 91.6%
CVSS Severity
CVSS v2 Score 10.0
References
- http://securityreason.com/securityalert/3288
- http://www.securityfocus.com/archive/1/321310
- http://www.securityfocus.com/bid/7574
- http://www.securityfocus.com/bid/7578
- http://www.securityfocus.com/bid/7579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12500
- http://securityreason.com/securityalert/3288
- http://www.securityfocus.com/archive/1/321310
- http://www.securityfocus.com/bid/7574
- http://www.securityfocus.com/bid/7578
- http://www.securityfocus.com/bid/7579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12500