Vulnerabilities > CVE-2006-3475 - Remote File Include vulnerability in Free Qboard Free Qboard 1.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
free-qboard
exploit available

Summary

Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998.

Vulnerable Configurations

Part Description Count
Application
Free_Qboard
1

Exploit-Db

  • descriptionfree QBoard 1.1 contact.php qb_path Parameter Remote File Inclusion. CVE-2006-3475. Webapps exploit for php platform
    idEDB-ID:28152
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28152/
    titlefree QBoard 1.1 contact.php qb_path Parameter Remote File Inclusion
  • descriptionfree QBoard 1.1 history.php qb_path Parameter Remote File Inclusion. CVE-2006-3475. Webapps exploit for php platform
    idEDB-ID:28156
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28156/
    titlefree QBoard 1.1 history.php qb_path Parameter Remote File Inclusion
  • descriptionfree QBoard 1.1 index.php qb_path Parameter Remote File Inclusion. CVE-2006-3475. Webapps exploit for php platform
    idEDB-ID:28150
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28150/
    titlefree QBoard 1.1 index.php qb_path Parameter Remote File Inclusion
  • descriptionfree QBoard 1.1 faq.php qb_path Parameter Remote File Inclusion. CVE-2006-3475. Webapps exploit for php platform
    idEDB-ID:28154
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28154/
    titlefree QBoard 1.1 faq.php qb_path Parameter Remote File Inclusion
  • descriptionfree QBoard 1.1 about.php qb_path Parameter Remote File Inclusion. CVE-2006-3475 . Webapps exploit for php platform
    idEDB-ID:28151
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28151/
    titlefree QBoard 1.1 about.php qb_path Parameter Remote File Inclusion
  • descriptionfree QBoard 1.1 features.php qb_path Parameter Remote File Inclusion. CVE-2006-3475. Webapps exploit for php platform
    idEDB-ID:28155
    last seen2016-02-03
    modified2006-07-03
    published2006-07-03
    reporterCrAsh_oVeR_rIdE
    sourcehttps://www.exploit-db.com/download/28155/
    titlefree QBoard 1.1 features.php qb_path Parameter Remote File Inclusion