Vulnerabilities > CVE-2007-2204 - Remote File Include vulnerability in GPL PHP Board GPL PHP Board 200111141

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

gpl-php-board

exploit available

NVD

Published: 2007-04-24

Updated: 2017-10-11

Summary

Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.

Vulnerable Configurations

Part	Description	Count
Application	Gpl_Php_Board GPL PHP Board GPL PHP Board 2001-11-14_1	1

Exploit-Db

description	GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities. CVE-2007-2204. Webapps exploit for php platform
file	exploits/php/webapps/3786.txt
id	EDB-ID:3786
last seen	2016-01-31
modified	2007-04-24
platform	php
port
published	2007-04-24
reporter	ThE TiGeR
source	https://www.exploit-db.com/download/3786/
title	GPB Bulletin Board Multiple Remote File Inclusion Vulnerabilities
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References