CVE-2006-5281

Name of the Vulnerable Software and Affected Versions n@board versions 3.1.9e and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter. This is a result of a PHP remote file inclusion vulnerability in the naboard pnr.php file.

Recommendations For versions 3.1.9e and earlier, update to a version later than 3.1.9e to resolve the issue. As a temporary workaround, consider restricting access to the naboard pnr.php file to minimize the risk of exploitation. Avoid using the skin parameter in the affected URL until the issue is resolved.