CVE-2003-1487

Name of the Vulnerable Software and Affected Versions Phorum versions 3.4 through 3.4.2

Description The issue allows remote attackers to execute arbitrary commands and modify configuration files. This can be achieved via the UserAdmin program, Edit user profile, or stats program.

Recommendations For Phorum versions 3.4 through 3.4.2, consider disabling the UserAdmin program, Edit user profile, and stats program until a patch is available to prevent command injection attacks. Restrict access to these components to minimize the risk of exploitation.