CVE

Id
25593  
CVE No.
CVE-2007-2236  
Status
Candidate  
Description
footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file.  
Phase
Assigned (20070425)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
255707 25593 CVE-2007-2236 BUGTRAQ:20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)  View
255708 25593 CVE-2007-2236 URL:http://www.securityfocus.com/archive/1/archive/1/465400/100/100/threaded  View
255709 25593 CVE-2007-2236 BUGTRAQ:20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)  View
255710 25593 CVE-2007-2236 URL:http://www.securityfocus.com/archive/1/archive/1/465338/100/100/threaded  View
255711 25593 CVE-2007-2236 MISC:http://www.acid-root.new.fr/advisories/13070411.txt  View
255712 25593 CVE-2007-2236 CONFIRM:http://dev.punbb.org/changeset/937  View
255713 25593 CVE-2007-2236 VUPEN:ADV-2007-1362  View
255714 25593 CVE-2007-2236 URL:http://www.vupen.com/english/advisories/2007/1362  View
255715 25593 CVE-2007-2236 SECUNIA:24843  View
255716 25593 CVE-2007-2236 URL:http://secunia.com/advisories/24843  View
255717 25593 CVE-2007-2236 SREASON:2613  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43028 JVNDB-2009-004035 Microsoft IAG で使用される WhlMgr.dll におけるスタックベースのバッファオーバーフローの脆弱性 Microsoft Intelligent Application Gateway (IAG) で使用される Whale Client Components ActiveX コントロール (WhlMgr.dll) には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-2238 25593 9.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004035.html  View