Vulnerabilities > CVE-2007-3096 - Local File Include vulnerability in PBLang
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. Successful exploitation with arbitrary file extensions requires that "magic_quotes_gpc" is disabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PBLang <= 4.67.16.a Remote Code Execution Exploit. CVE-2007-3096. Webapps exploit for php platform |
file | exploits/php/webapps/4036.php |
id | EDB-ID:4036 |
last seen | 2016-01-31 |
modified | 2007-06-06 |
platform | php |
port | |
published | 2007-06-06 |
reporter | Silentz |
source | https://www.exploit-db.com/download/4036/ |
title | PBLang <= 4.67.16.a Remote Code Execution Exploit |
type | webapps |
Nessus
NASL family | CGI abuses |
NASL id | PBLANG_LANG_FILE_INCLUDE.NASL |
description | The remote host is running PBLang, a bulletin board system that uses flat files and is written in PHP. The version of PBLang installed on the remote host fails to sanitize user input to the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25444 |
published | 2007-06-07 |
reporter | This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/25444 |
title | PBLang login.php lang Parameter Local File Inclusion |