← CVECheck
HomeVulnerabilities

CVE-2002-0764 — HIGH severity vulnerability (Phorum 3.3.2a allows remote attackers to execute arbitrary c)

Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.

CVE IDCVE-2002-0764
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-08-12
Last modified2026-04-16
DescriptionPhorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →