cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1487 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.983-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-12-12T13:44:00.000-05:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20030513 Phorum Vulnerabilities SREASON 3288 BID 7574 BID 7578 BID 7579 XF phorum-command-execution(12500) Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program.