PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2003-01/0049.html | Exploit Vendor Advisory |
http://www.iss.net/security_center/static/11009.php |
Configurations
History
No history.
Information
Published : 2003-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2003-1253
Mitre link : CVE-2003-1253
CVE.ORG link : CVE-2003-1253
JSON object : View
Products Affected
sangwan_kim
- bookmark4u
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')