CVE-2008-5577

Properties

Published:
14.12.2008
Updated:
29.01.2009
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
scssboard: scssboard
scssboard: scssboard
scssboard: scssboard
scssboard: scssboard

Vulnerability description

PHP remote file inclusion vulnerability in index.php in sCssBoard 1.0, 1.1, 1.11, and 1.12 allows remote attackers to execute arbitrary PHP code via a URL in the inc_function parameter.

References:

XF: http://xforce.iss.net/xforce/xfdb/47457
MILW0RM: http://www.milw0rm.com/exploits/5149
SREASON: http://securityreason.com/securityalert/4739