Vulnerabilities > CVE-2002-0734 - Unspecified vulnerability in Michel Valdrighi B2 0.6Pre
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN michel-valdrighi
exploit available
Summary
b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | B2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion. CVE-2002-0734 . Webapps exploit for php platform |
| id | EDB-ID:21436 |
| last seen | 2016-02-02 |
| modified | 2002-05-06 |
| published | 2002-05-06 |
| reporter | Frank |
| source | https://www.exploit-db.com/download/21436/ |
| title | B2 0.6 b2edit.showposts.php b2inc Parameter Remote File Inclusion |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0027.html
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0027.html
- http://cafelog.com/
- http://cafelog.com/
- http://www.iss.net/security_center/static/9013.php
- http://www.iss.net/security_center/static/9013.php
- http://www.securityfocus.com/bid/4673
- http://www.securityfocus.com/bid/4673