CVE-2007-3085
N/A
Summary
Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://osvdb.org/38763
- http://osvdb.org/38780
- http://osvdb.org/38767
- http://osvdb.org/38759
- http://www.securityfocus.com/archive/1/470239/100/0/threaded
- http://www.securityfocus.com/archive/1/470347/100/0/threaded
- http://osvdb.org/38781
- http://osvdb.org/38776
- http://osvdb.org/38762
- http://osvdb.org/38771
- http://osvdb.org/38777
- http://osvdb.org/38784
- http://osvdb.org/38775
- http://securityreason.com/securityalert/2777
- http://osvdb.org/38779
- http://osvdb.org/38778
- http://osvdb.org/38770
- http://osvdb.org/38760
- http://osvdb.org/38785
- http://osvdb.org/38774
- http://osvdb.org/38773
- http://osvdb.org/38761
- http://osvdb.org/38768
- http://osvdb.org/38769
- http://osvdb.org/38782
- http://osvdb.org/38783
- http://osvdb.org/38764
- http://osvdb.org/38786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34675
- http://osvdb.org/38772
- http://osvdb.org/38765
- http://osvdb.org/38766
References
- http://osvdb.org/38763
- http://osvdb.org/38780
- http://osvdb.org/38767
- http://osvdb.org/38759
- http://www.securityfocus.com/archive/1/470239/100/0/threaded
- http://www.securityfocus.com/archive/1/470347/100/0/threaded
- http://osvdb.org/38781
- http://osvdb.org/38776
- http://osvdb.org/38762
- http://osvdb.org/38771
- http://osvdb.org/38777
- http://osvdb.org/38784
- http://osvdb.org/38775
- http://securityreason.com/securityalert/2777
- http://osvdb.org/38779
- http://osvdb.org/38778
- http://osvdb.org/38770
- http://osvdb.org/38760
- http://osvdb.org/38785
- http://osvdb.org/38774
- http://osvdb.org/38773
- http://osvdb.org/38761
- http://osvdb.org/38768
- http://osvdb.org/38769
- http://osvdb.org/38782
- http://osvdb.org/38783
- http://osvdb.org/38764
- http://osvdb.org/38786
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34675
- http://osvdb.org/38772
- http://osvdb.org/38765
- http://osvdb.org/38766
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.