Back to search
CVE-2003-1148
Published: May 10, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
3586
vdb-entry
x_refsource_OSVDB
20031026 Les Visiteurs v2.0.1 code injection vulnerability
mailing-list
x_refsource_BUGTRAQ
1008011
vdb-entry
x_refsource_SECTRACK
2717
vdb-entry
x_refsource_OSVDB
8902
vdb-entry
x_refsource_BID
1017065
vdb-entry
x_refsource_SECTRACK
les-visiteurs-file-include(13529)
vdb-entry
x_refsource_XF
10079
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now