PT-2006-5831 · Tagmin · Tagit! Tagboard
Kernel-32
·
Published
2006-09-29
·
Updated
2017-10-19
·
CVE-2006-5093
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
TagIt! Tagboard version 2.1.B Build 2
Description
The issue allows remote attackers to execute arbitrary PHP code via a URL in the
page parameter in the index.php file of the Tagmin Control Center.Recommendations
For TagIt! Tagboard version 2.1.B Build 2, consider restricting access to the
index.php file or validating and sanitizing the page parameter to prevent remote file inclusion attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tagit! Tagboard