Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1203


Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1203
Last Modified 05 Sep 2008 05:01:17
Published 13 Mar 2006 08:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php.

Vulnerable Systems


  • Txtforum 1.0.4 Dev


BUGTRAQ - 20060309 txtForum: Script Injection Vulnerability


XF - txtforum-login-file-include(25131)

BID - 17061

OSVDB - 23952

Last Updated: 27 May 2016 10:41:58