Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) news.php, (2) search.php, or (3) whosOnline.php.
Link | Tags |
---|---|
http://securityreason.com/securityalert/1315 | third party advisory |
http://securitytracker.com/id?1016557 | vdb entry exploit |
http://www.osvdb.org/28675 | vdb entry |
http://securitytracker.com/id?1016558 | vdb entry exploit |
http://www.osvdb.org/28676 | vdb entry |
http://www.securityfocus.com/archive/1/440875/100/100/threaded | mailing list |
http://www.osvdb.org/28674 | vdb entry |
http://www.securityfocus.com/bid/19095 | vdb entry exploit |
http://www.securityfocus.com/archive/1/440839/100/100/threaded | mailing list |
https://exchange.xforce.ibmcloud.com/vulnerabilities/27905 | vdb entry |