Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2134

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-2134
Last Modified 07 Mar 2011 09:35:25
Published 02 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2134

Summary

PHP remote file inclusion vulnerability in /includes/kb_constants.php in Knowledge Base Mod for PHPbb 2.0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

Vulnerable Systems

Application

  • Phpbb Group Phpbb 1.0.0

  • Phpbb Group Phpbb 1.0.1

  • Phpbb Group Phpbb 1.2.0

  • Phpbb Group Phpbb 1.2.1

  • Phpbb Group Phpbb 1.4.0

  • Phpbb Group Phpbb 1.4.1

  • Phpbb Group Phpbb 1.4.2

  • Phpbb Group Phpbb 1.4.4

  • Phpbb Group Phpbb 2.0 Beta1

  • Phpbb Group Phpbb 2.0 Rc1

  • Phpbb Group Phpbb 2.0 Rc2

  • Phpbb Group Phpbb 2.0 Rc3

  • Phpbb Group Phpbb 2.0 Rc4

  • Phpbb Group Phpbb 2.0.0

  • Phpbb Group Phpbb 2.0.1

  • Phpbb Group Phpbb 2.0.2


References

VUPEN - ADV-2006-1585

SECUNIA - 19892

MILW0RM - 1728

XF - kbmod-phpbb-kbconstants-file-include(26279)

BID - 17763


Last Updated: 27 May 2016 10:42:20