Vulnerabilities > CVE-2002-0734 - Unspecified vulnerability in Michel Valdrighi B2 0.6Pre

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
michel-valdrighi
exploit available

Summary

b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server.

Vulnerable Configurations

Part Description Count
Application
Michel_Valdrighi
1

Exploit-Db

descriptionB2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion. CVE-2002-0734 . Webapps exploit for php platform
idEDB-ID:21436
last seen2016-02-02
modified2002-05-06
published2002-05-06
reporterFrank
sourcehttps://www.exploit-db.com/download/21436/
titleB2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion