Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2675

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-2675
Last Modified 10 Sep 2008 04:19:06
Published 30 May 2006 05:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2675

Summary

PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.

Vulnerable Systems

Application

  • Ubbcentral Ubb.threads 3.4

  • Ubbcentral Ubb.threads 3.5

  • Ubbcentral Ubb.threads 5.0

  • Ubbcentral Ubb.threads 5.5.1

  • Ubbcentral Ubb.threads 6.0

  • Ubbcentral Ubb.threads 6.0.1

  • Ubbcentral Ubb.threads 6.0.2

  • Ubbcentral Ubb.threads 6.0.3

  • Ubbcentral Ubb.threads 6.1

  • Ubbcentral Ubb.threads 6.1.1

  • Ubbcentral Ubb.threads 6.2

  • Ubbcentral Ubb.threads 6.2.1

  • Ubbcentral Ubb.threads 6.2.2

  • Ubbcentral Ubb.threads 6.2.3

  • Ubbcentral Ubb.threads 6.3

  • Ubbcentral Ubb.threads 6.3.1

  • Ubbcentral Ubb.threads 6.4

  • Ubbcentral Ubb.threads 6.4.1

  • Ubbcentral Ubb.threads 6.4.2

  • Ubbcentral Ubb.threads 6.4.3

  • Ubbcentral Ubb.threads 6.4.4

  • Ubbcentral Ubb.threads 6.5

  • Ubbcentral Ubb.threads 6.5.1

  • Ubbcentral Ubb.threads 6.5.1.1

  • Ubbcentral Ubb.threads 6.5.2

  • Ubbcentral Ubb.threads 6.5.2 Beta2

  • Ubbcentral Ubb.threads 6.5.3


References

BUGTRAQ - 20060528 Advisory: UBBThreads 5.x,6.x Multiple File InclusionVulnerabilities.

XF - ubbthreads-ubbtinc-file-include(26866)

SREASON - 985


Last Updated: 27 May 2016 10:42:42