Published: 06/06/2006 Updated: 17/05/2024

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote malicious users to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyboards cyboards php lite 1.25

source: wwwsecurityfocuscom/bid/18272/info CyBoards PHP Lite is prone to a remote file-include vulnerability An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process This may allow the attacker to compromise the application and the underl ...

NVD-CWE-Other http://www.securityfocus.com/bid/18272 http://securitytracker.com/id?1016225 http://www.osvdb.org/26596 http://www.attrition.org/pipermail/vim/2007-April/001510.html http://securityreason.com/securityalert/1051 https://exchange.xforce.ibmcloud.com/vulnerabilities/26962 http://www.securityfocus.com/archive/1/435977/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27970/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2871

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect