[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-5043Date: (C)2006-09-27   (M)2024-02-22


Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://marc.info/?l=bugtraq&m=117468769820721&w=2
SECUNIA-21059
BID-23129
EXPLOIT-DB-3560
ADV-2006-2804
http://forum.joomla.org/index.php/topic%2C76852.0.html
http://forum.joomla.org/index.php/topic%2C79477.0.html
http://jext.info/builds/joomlaboard/joomlaboard-1.1.1-stable.tgz
http://www.howtoria.com/index.php?option=com_docman&task=doc_download&gid=32&Itemid=27
joomlaboard-fileimageupload-file-include(33199)

CWE    1
CWE-94

© SecPod Technologies