CVE-2007-2236 - footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/use

CVE-2007-2236

Summary

footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file.

References

Vulnerable Configurations

cpe:2.3:a:punbb:punbb:*:*:*:*:*:*:*:*
cpe:2.3:a:punbb:punbb:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2018 - 16:42)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bugtraq	20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory) 20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)
confirm	http://dev.punbb.org/changeset/937
misc	http://www.acid-root.new.fr/advisories/13070411.txt
secunia	24843
sreason	2613
vupen	ADV-2007-1362

Last major update

16-10-2018 - 16:42

Published

25-04-2007 - 15:19

Last modified

16-10-2018 - 16:42