CVE-2006-4191 - Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allo

CVE-2006-4191

Summary

Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by header.php.

References

Vulnerable Configurations

cpe:2.3:a:xmb_software:extreme_message_board:*:*:*:*:*:*:*:*
cpe:2.3:a:xmb_software:extreme_message_board:*:*:*:*:*:*:*:*

CVSS

Base:	5.1 (as of 29-04-2021 - 15:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:P/I:P/A:P

refmap via4

bid	19494 19501
bugtraq	20060813 XMB <= 1.9.6 Final basename()/'langfilenew' arbitrary local inclusion / remote commands execution
exploit-db	2178
misc	http://retrogod.altervista.org/xmb_196_sql.html
secunia	21293
sreason	1411
xf	xmb-memcp-file-include(28356)

statements via4

contributor
lastmodified	2008-12-11
organization	XMB
statement	XMB versions 1.9.8 and later were checked and are not vulnerable.

Last major update

29-04-2021 - 15:15

Published

17-08-2006 - 01:04

Last modified

29-04-2021 - 15:15