RSS   Vulnerabilities for 'Phpbb plus'   RSS

2007-09-26
 
CVE-2007-5100

CWE-94
 

 
Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) language/lang_german/lang_admin_album.php, (2) language/lang_english/lang_main_album.php, and (3) language/lang_english/lang_admin_album.php, different vectors than CVE-2007-5009.

 

 >>> Vendor: Phpbb 27 Products
Phpbb
Advanced quick reply hack
Phpbbmod
Phpbb plus
Spamblockermod
Lat2cyr
Journals system module
Prillian french
Ajax shoutbox
Acp user registration module
Searchindexer
Toplist
Amazonia mod
Insert user
Import tools
Maluinfo
Dimension
Ezboard converter
Mutant
Ip-tracking
Supanav
Garage
123 flash chat module
Module xs
Pjirc module
Tag board
Phpbb3


Copyright 2024, cxsecurity.com

 

Back to Top