Vulnerabilities > CVE-2006-2871 - Unspecified vulnerability in Cyboards PHP Lite 1.25
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cyboards
exploit available
Summary
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant value
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CyBoards PHP Lite 1.21/1.25 Common.PHP Remote File Include Vulnerability. CVE-2006-2871. Webapps exploit for php platform |
| id | EDB-ID:27970 |
| last seen | 2016-02-03 |
| modified | 2006-06-05 |
| published | 2006-06-05 |
| reporter | SpC-x |
| source | https://www.exploit-db.com/download/27970/ |
| title | CyBoards PHP Lite 1.21/1.25 Common.PHP Remote File Include Vulnerability |
References
- http://www.securityfocus.com/bid/18272
- http://securitytracker.com/id?1016225
- http://www.osvdb.org/26596
- http://www.attrition.org/pipermail/vim/2007-April/001510.html
- http://securityreason.com/securityalert/1051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26962
- http://www.securityfocus.com/archive/1/435977/100/0/threaded