Directory traversal vulnerability in action_admin/paysubscriptions.php in Invision Power Board (IPB) 2.1.x and 2.0.x prior to 20060425 allows remote authenticated administrators to include and execute arbitrary local PHP files via a .. (dot dot) in the name parameter, preceded by enough backspace (%08) characters to erase the initial static portion of a filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision power board 2.0.x |
||
invision power services invision power board 2.1.x |