7.5
CVSSv2

CVE-2006-6633

Published: 18/12/2006 Updated: 19/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[include_Bit] parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

yapbb yapbb 1.2

yapbb yapbb 1.1

yapbb yapbb

Exploits

#!/usr/bin/php -q -d short_open_tag=on <? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ +#+ +:+ +#++:++# +#+ +:+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ #+# ...