Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2003-1487

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.

  • Published: Dec 31, 2003
  • Updated: Apr 13, 2023
  • CVE: CVE-2003-1487
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
phorum / phorum 3.4 3.4.x
phorum / phorum 3.4.2 3.4.2.x
phorum / phorum 3.4.1 3.4.1.x