CVE-2003-1252

EPSS 3.1%

register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/22134unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0004.html http://secunia.com/advisories/7819 http://www.iss.net/security_center/static/10974.php http://www.securityfocus.com/archive/1/305406 http://www.securityfocus.com/bid/6547 http://www.securitytracker.com/id?1005881