CVE Vulnerabilities

CVE-2001-0527

Published: Aug 14, 2001 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.

Affected Software

Name Vendor Start Version End Version
Dcforum Dcscripts 6.0 6.0
Dcforum_2000 Dcscripts 1.0 1.0

References