CVE-2003-1253

PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sangwan_kim:bookmark4u:1.8.3:*:*:*:*:*:*:*

History

20 Nov 2024, 23:46

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2003-01/0049.html - Exploit, Vendor Advisory () http://archives.neohapsis.com/archives/bugtraq/2003-01/0049.html - Exploit, Vendor Advisory
References () http://www.iss.net/security_center/static/11009.php - () http://www.iss.net/security_center/static/11009.php -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:46


NVD link : CVE-2003-1253

Mitre link : CVE-2003-1253

CVE.ORG link : CVE-2003-1253


JSON object : View

Products Affected

sangwan_kim

  • bookmark4u
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')