Main Vulnerability Database Vulnerabilities #VU34849

#VU34849 Code Injection in FUDForum - CVE-2013-2267

Published: January 27, 2020 / Updated: August 9, 2020

Vulnerability identifier: #VU34849

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green

CVE-ID: CVE-2013-2267

CWE-ID: CWE-94

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vulnerable software:
FUDForum

Software vendor:
FUDforum

Description

The vulnerability allows a remote privileged user to execute arbitrary code.

PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system.

Install update from vendor's website.