PT-2006-3789 · Cyboards · Cyboards Php Lite

Spc-X

Publicado

2006-06-06

Atualizado

2024-08-07

CVE-2006-2871

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions CyBoards PHP Lite version 1.25

Description A remote file inclusion issue exists due to the script path parameter in include/common.php, potentially allowing remote attackers to execute arbitrary PHP code via a URL.

Recommendations For CyBoards PHP Lite version 1.25, consider restricting access to the include/common.php file to minimize the risk of exploitation. Additionally, avoid using the script path parameter in URLs until the issue is resolved.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-2871

Produtos afetados

Cyboards Php Lite

PT-2006-3789 · Cyboards · Cyboards Php Lite

CVE-2006-2871

Identificadores relacionados

Produtos afetados

Referências · 9