Vulnerabilities > CVE-2006-1203 - Remote PHP Script Code Injection vulnerability in txtForum
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |