Vulnerabilities

CVE-2006-3611

by Fred · 14/07/2006

Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php.

Date published : 2006-07-14

http://www.securityfocus.com/archive/1/439976/100/0/threaded

http://retrogod.altervista.org/phorum5_local_incl_xpl.html

Similar

Tags: Cybersecurity Alert