exploitDog

GHSA-whg7-cqjh-3q4x

Опубликовано: 29 апр. 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.

Ссылки

EPSS

Процентиль: 91%

0.06448

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2003-1487

nvd

больше 21 года назад

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.

EPSS

Процентиль: 91%

0.06448

Низкий

CVE ID

Дефекты

CWE-20