PT-2009-1850 · Phpbb · Multi Seo Phpbb

Publicado

2009-03-02

Atualizado

2017-09-29

CVE-2008-6377

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Multi SEO phpBB version 1.1.0

Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter in the include/global.php file.

Recommendations: For Multi SEO phpBB version 1.1.0, update to a version where this issue has been fixed, or as a temporary workaround, consider restricting access to the include/global.php file to minimize the risk of exploitation. Avoid using the pfad parameter in the affected file until the issue is resolved.

Exploit

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2008-6377

Produtos afetados

Multi Seo Phpbb

PT-2009-1850 · Phpbb · Multi Seo Phpbb

CVE-2008-6377

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5