Vulnerability Details CVE-2006-7047
include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://securityreason.com/securityalert/2303
- http://www.securityfocus.com/archive/1/436975/30/4440/threaded
- http://www.securityfocus.com/archive/1/436997/30/4410/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27111
- http://securityreason.com/securityalert/2303
- http://www.securityfocus.com/archive/1/436975/30/4440/threaded
- http://www.securityfocus.com/archive/1/436997/30/4410/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27111