← CVECheck
HomeVulnerabilities

CVE-2003-1373 — MEDIUM severity vulnerability (Directory traversal vulnerability in auth.php for PhpBB 1.4.)

Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.

CVE IDCVE-2003-1373
SeverityMEDIUM
CVSS score6.8
CVSS vectorAV:N/AC:M/Au:N/C:P/I:P/A:P
CWECWE-22
StatusModified
Published2003-12-31
Last modified2026-04-16
DescriptionDirectory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →