RSS   Vulnerabilities for '123 flash chat module'   RSS

2008-03-05
 
CVE-2008-1171

CWE-94
 

 
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE disputes this issue because $phpbb_root_path is explicitly set to "./" in both programs.

 

 >>> Vendor: Phpbb 27 Products
Phpbb
Advanced quick reply hack
Phpbbmod
Spamblockermod
Lat2cyr
Journals system module
Prillian french
Ajax shoutbox
Acp user registration module
Searchindexer
Toplist
Amazonia mod
Insert user
Import tools
Maluinfo
Dimension
Ezboard converter
Mutant
Ip-tracking
Supanav
Phpbb plus
Garage
123 flash chat module
Module xs
Pjirc module
Tag board
Phpbb3


Copyright 2022, cxsecurity.com

 

Back to Top