Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
BID:20936
Info
Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
| Bugtraq ID: | 20936 |
| Class: | Input Validation Error |
| CVE: |
CVE-2006-7169 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 06 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | Kacper is credited with the discovery of this vulnerability. |
| Vulnerable: |
Ultimate PHP Board Ultimate PHP Board 2.0 Ultimate PHP Board Ultimate PHP Board 1.9.6 Ultimate PHP Board Ultimate PHP Board 1.9 Ultimate PHP Board Ultimate PHP Board 1.8.2 Ultimate PHP Board Ultimate PHP Board 1.8 Ultimate PHP Board Ultimate PHP Board 1.0 b Ultimate PHP Board Ultimate PHP Board 1.0 final beta Ultimate PHP Board Ultimate PHP Board 1.0 |
| Not Vulnerable: | |
Discussion
Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
Ultimate PHP Board is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Ultimate PHP Board 2.0 and prior versions are vulnerable to this issue.
Ultimate PHP Board is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
Ultimate PHP Board 2.0 and prior versions are vulnerable to this issue.
Exploit / POC
Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
An attacker can exploit this issue via a web client.
The following exploit code is available:
An attacker can exploit this issue via a web client.
The following exploit code is available:
Solution / Fix
Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Ultimate PHP Board Header_simple.PHP Remote File Include Vulnerability
References:
References:
- Ultimate PHP Board Homepage (Ultimate PHP Board)