CVE-2002-2200

Name of the Vulnerable Software and Affected Versions: Benjamin Lefevre Dobermann FORUM versions 0.5 and earlier

Description: The issue allows remote attackers to include and execute malicious PHP files. This is achieved via the subpath variable in several PHP files, including "entete.php", "enteteacceuil.php", "index.php", and "newtopic.php".

Recommendations: For versions 0.5 and earlier, consider restricting access to the subpath variable in the affected PHP files until a patch is available. As a temporary workaround, disabling the execution of remote PHP files in "entete.php", "enteteacceuil.php", "index.php", and "newtopic.php" can help minimize the risk of exploitation.