PT-2002-2999 · Phpbb · Phpbb
Published
2002-12-31
·
Updated
2017-07-29
·
CVE-2002-2287
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
phpBB Advanced Quick Reply Hack versions 1.0.0 through 1.1.0
Description:
The issue allows remote attackers to execute arbitrary PHP code via the
phpbb root path parameter in the quick reply.php file.Recommendations:
For versions 1.0.0 through 1.1.0, consider restricting access to the quick reply.php file until a patch is available. Avoid using the
phpbb root path parameter in the affected file to minimize the risk of exploitation.Exploit
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpbb