CVE-2004-1573

Name of the Vulnerable Software and Affected Versions AJ-Fork version 167

Description The issue arises from the documentation of AJ-Fork, which suggests setting permissions for users.db.php to 777. This setting allows local users to execute arbitrary PHP code, potentially leading to privilege escalation as the administrator.

Recommendations For AJ-Fork version 167, change the permissions of users.db.php to a more restrictive setting to prevent local users from executing arbitrary PHP code.