Vulnerabilities > CVE-2005-0630 - Directory Traversal vulnerability in PBLang Bulletin Board System
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Nessus
NASL family | CGI abuses |
NASL id | PBLANG_XSS.NASL |
description | According to its banner, the remote host is running a version of PBLang BBS, a bulletin board system written in PHP, that suffers from the following vulnerabilities: - HTML Injection Vulnerability in pmpshow.php. An attacker can inject arbitrary HTML and script into the body of PMs sent to users allowing for theft of authentication cookies or misrepresentation of the site. - Cross-Site Scripting Vulnerability in search.php. If an attacker can trick a user into following a specially crafted link to search.php from an affected version of PBLang, he can inject arbitrary script into the user |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 17209 |
published | 2005-02-24 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/17209 |
title | PBLang BBS <= 4.65 Multiple Vulnerabilities |