Command Injection Vulnerabilities in Phorum 3.4 through 3.4.2

Command Injection Vulnerabilities in Phorum 3.4 through 3.4.2

CVE-2003-1487 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.

Learn more about our User Device Pen Test.