Vulnerabilities > CVE-2006-2675 - Remote Security vulnerability in UBB.threads

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
ubbcentral
exploit available
NVD
Published: 2006-05-30
Updated: 2018-10-18

Summary

PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters. Successful exploitation requires that "register_globals" is enabled.

Vulnerable Configurations

Part Description Count
Application
Ubbcentral
27

Exploit-Db

descriptionUBB Threads 5.x / 6.x Multiple Remote File Inclusion Vulnerabilities. CVE-2006-2675,CVE-2006-2755. Webapps exploit for php platform
idEDB-ID:1843
last seen2016-01-31
modified2006-05-28
published2006-05-28
reporternukedx
sourcehttps://www.exploit-db.com/download/1843/
titleUBB Threads 5.x / 6.x - Multiple Remote File Inclusion Vulnerabilities

References