Vulnerability CVE-2003-1253


Published: 2003-12-31   Modified: 2012-02-12

Description:
PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Sangwan kim -> Bookmark4u 

 References:
http://www.iss.net/security_center/static/11009.php
http://archives.neohapsis.com/archives/bugtraq/2003-01/0049.html

Copyright 2024, cxsecurity.com

 

Back to Top