CVE-2002-2200

Benjamin Lefevre Dobermann FORUM 0.5 - Code Injection

Title source: llm
STIX 2.1

Description

Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php.

Exploits (4)

exploitdb WORKING POC VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21970
exploitdb WORKING POC VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21969
exploitdb WRITEUP VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21968
exploitdb WRITEUP VERIFIED
by frog · textwebappsphp
https://www.exploit-db.com/exploits/21967

References (3)

Core 3
Core References
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2002/Oct/0397.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6057
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10492.php

Scores

EPSS 0.0335
EPSS Percentile 87.4%

Details

Status published
Products (5)
benjamin_lefevre/dobermann_forum 0.1
benjamin_lefevre/dobermann_forum 0.2
benjamin_lefevre/dobermann_forum 0.3
benjamin_lefevre/dobermann_forum 0.4
benjamin_lefevre/dobermann_forum 0.5
Published Dec 31, 2002
Tracked Since Feb 18, 2026