CVE-2006-2871

** DISPUTED **

PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value.

Date published : 2006-06-06

http://www.securityfocus.com/bid/18272

http://www.securityfocus.com/archive/1/435977/100/0/threaded