Vulnerabilities > CVE-2006-1816 - Remote Security vulnerability in Vbulletin 3.5.1/3.5.2/3.5.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote attackers to execute arbitrary code via a URL in the systempath parameter to (1) ImpExModule.php, (2) ImpExController.php, and (3) ImpExDisplay.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
References
- http://secunia.com/advisories/19352
- http://www.osvdb.org/24690
- http://www.osvdb.org/24691
- http://www.osvdb.org/24692
- http://www.securityfocus.com/archive/1/430881/100/0/threaded
- http://www.securityfocus.com/archive/1/467666/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25789
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34095