← CVECheck
HomeVulnerabilities

CVE-2002-0287 — HIGH severity vulnerability (pforum 1.14 and earlier does not explicitly enable PHP magic)

pforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.

CVE IDCVE-2002-0287
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2002-05-31
Last modified2026-04-16
Descriptionpforum 1.14 and earlier does not explicitly enable PHP magic quotes, which allows remote attackers to bypass authentication and gain administrator privileges via an SQL injection attack when the PHP server is not configured to use magic quotes by default.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →