CVE-2003-1373 — MEDIUM severity vulnerability (Directory traversal vulnerability in auth.php for PhpBB 1.4.)
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.
| CVE ID | CVE-2003-1373 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 6.8 |
| CVSS vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| CWE | CWE-22 |
| Status | Modified |
| Published | 2003-12-31 |
| Last modified | 2026-04-16 |
| Description | Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →