Published: 31/12/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote malicious users to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpbb group phpbb 2.0.6
phpbb group phpbb 2.0.7
phpbb group phpbb rc4
phpbb group phpbb 2.0.0
phpbb group phpbb 2.0.1
phpbb group phpbb 2.0.8
phpbb group phpbb 2.0.9
phpbb group phpbb 2.0.10
phpbb group phpbb 2.0.2
phpbb group phpbb 2.0.3
phpbb group phpbb rc1
phpbb group phpbb rc1_pre
phpbb group phpbb 2.0.4
phpbb group phpbb 2.0.5
phpbb group phpbb rc2
phpbb group phpbb rc3

source: wwwsecurityfocuscom/bid/11701/info A vulnerability is reported to exist in the phpBB Cash_Mod module that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system Remote attackers could potentially exploit this issue via a vulnerable variable to include a remote malicio ...

NVD-CWE-Other http://marc.info/?l=bugtraq&m=110082153702843&w=2 http://marc.info/?l=bugtraq&m=110075903308817&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18151 https://nvd.nist.gov https://www.exploit-db.com/exploits/24751/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-1535

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect