← back
CVE-2002-1481

CVE-2002-1481

EPSS 7.2%
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21783unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-09/0076.htmlhttp://www.iss.net/security_center/static/10065.phphttp://www.securityfocus.com/bid/5679