PT-2006-3789 · Cyboards · Cyboards Php Lite
Spc-X
+1
·
Published
2006-06-06
·
Updated
2024-08-07
·
CVE-2006-2871
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
CyBoards PHP Lite version 1.25
Description
A remote file inclusion issue exists due to the
script path parameter in include/common.php, potentially allowing remote attackers to execute arbitrary PHP code via a URL.Recommendations
For CyBoards PHP Lite version 1.25, consider restricting access to the
include/common.php file to minimize the risk of exploitation. Additionally, avoid using the script path parameter in URLs until the issue is resolved.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cyboards Php Lite