- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200411-32 (phpBB: Remote command execution)
phpBB contains a vulnerability in the highlighting code and several vulnerabilities in the username handling code.
Impact :
An attacker can exploit the highlighting vulnerability to access the PHP exec() function without restriction, allowing them to run arbitrary commands with the rights of the web server user (for example the apache user). Furthermore, the username handling vulnerability might be abused to execute SQL statements on the phpBB database
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top