CVE-2001-0527

Name of the Vulnerable Software and Affected Versions: DCScripts DCForum versions 2000 and earlier

Description: The issue allows a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form. This action creates an extra entry in the registration database.

Recommendations: For DCScripts DCForum versions 2000 and earlier, as a temporary workaround, consider restricting access to the registration form until a patch is available. Avoid using the last name field in the registration form with unvalidated input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.