CVE-2006-5314

PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-17 01:07:00.000-04
Last Modified2018-10-17 05:42:08.000-04

Vulnerable Software List

VendorProductVersions
Phplibre Tribunalibre 3.12 beta

References

SourceLink
MISChttp://acid-root.new.fr/poc/13061007.txt
SREASON1734
BUGTRAQ20061007 7 php scripts File Inclusion / Source disclosure Vuln
BID20443
XFtribunalibre-ftag-file-include(29415)
EXPLOIT-DB2501