CVE-2002-1481

Name of the Vulnerable Software and Affected Versions phpGB versions 1.20 and earlier

Description The issue allows remote attackers to cause a denial of service or execute arbitrary PHP code by modifying config.php using savesettings.php, as it does not require authentication.

Recommendations For phpGB versions 1.20 and earlier, consider restricting access to savesettings.php to prevent unauthorized modifications to config.php until a patch is available. As a temporary workaround, implement authentication for savesettings.php to minimize the risk of exploitation.