CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-5674

Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter to (1) bb_func_forums.php, (2) bb_functions.php, or (3) the RSS plugin.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/33963
http://osvdb.org/33964
http://osvdb.org/33965
http://www.minibb.net/forums/9_4274_0.html
http://osvdb.org/33963
http://osvdb.org/33964
http://osvdb.org/33965
http://www.minibb.net/forums/9_4274_0.html

Products affected by CVE-2006-5674

Minibb » Minibb » Version: Any

cpe:2.3:a:minibb:minibb:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5674

Products

Pricing

Contact Us