Arbitrary PHP Code Execution via Absolute Path Parameter in PHPTB Topic Board 2.0 and Earlier

Arbitrary PHP Code Execution via Absolute Path Parameter in PHPTB Topic Board 2.0 and Earlier

CVE-2005-2633 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter.

Learn more about our Web Application Penetration Testing UK.