Vulnerabilities > CVE-2006-2568 - Remote File Include vulnerability in UBB.threads Addpost_newpoll.PHP
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 (trial) allows remote attackers to execute arbitrary PHP code via a URL in the thispath parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 |
Exploit-Db
description | UBB Threads 6.4.x-6.5.2 (thispath) Remote File Inclusion Vulnerability. CVE-2006-2568. Webapps exploit for php platform |
file | exploits/php/webapps/1814.txt |
id | EDB-ID:1814 |
last seen | 2016-01-31 |
modified | 2006-05-22 |
platform | php |
port | |
published | 2006-05-22 |
reporter | V4mu |
source | https://www.exploit-db.com/download/1814/ |
title | UBB Threads 6.4.x-6.5.2 thispath Remote File Inclusion Vulnerability |
type | webapps |
Nessus
NASL family | CGI abuses |
NASL id | UBBTHREADS_THISPATH_FILE_INCLUDE.NASL |
description | The version of UBB.threads installed on the remote host fails to sanitize input to the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21605 |
published | 2006-05-27 |
reporter | This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/21605 |
title | UBB.threads addpost_newpoll.php thispath Parameter Remote File Inclusion |
code |
|
References
- http://secunia.com/advisories/20242
- http://www.osvdb.org/25714
- http://www.securityfocus.com/bid/18075
- http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/4560078/an/0/page/0#Post4560078
- http://www.vupen.com/english/advisories/2006/1915
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26596
- https://www.exploit-db.com/exploits/1814