CVE-2006-5230

PHP remote file inclusion vulnerability in forum.php in FreeForum 0.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-10 08:07:00.000-04
Last Modified2018-10-17 05:41:48.000-04

Vulnerable Software List

VendorProductVersions
Freeforum Freeforum 0.9.7

References

SourceLink
SREASON1710
BUGTRAQ20061007 FreeForum 0.9.7 (fpath) Remote File Include Vulnerability
BID20388
VUPENADV-2006-3955
XFfreeforum-forum-file-include(29391)
EXPLOIT-DB2484