Vulnerability Details CVE-2006-1203
PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.osvdb.org/23952
- http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-004.txt
- http://www.securityfocus.com/archive/1/427188/100/0/threaded
- http://www.securityfocus.com/bid/17061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25131
- http://www.osvdb.org/23952
- http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-004.txt
- http://www.securityfocus.com/archive/1/427188/100/0/threaded
- http://www.securityfocus.com/bid/17061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25131