CVE-2006-2675

Name of the Vulnerable Software and Affected Versions UBBThreads versions 5.x through 6.x

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the thispath or configdir parameters. This can be exploited by providing a malicious URL as the value for these parameters.

Recommendations For UBBThreads versions 5.x through 6.x, consider restricting access to the ubbt.inc.php file and avoid using user-provided input for the thispath and configdir parameters until a patch is available. As a temporary workaround, restrict the use of these parameters to minimize the risk of exploitation.