CVE-2004-1573 Information

Description

The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777 which allows local users to execute arbitrary PHP code and gain privileges as the administrator.

Reference

http://echo.or.id/adv/adv07-y3dips-2004.txt http://marc.info/?l=bugtraq&m=109664986210763&w=2 http://securitytracker.com/id?1011484 http://www.securityfocus.com/bid/11301 https://exchange.xforce.ibmcloud.com/vulnerabilities/17571