CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
90.2%
Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/.
Vendor | Product | Version | CPE |
---|---|---|---|
pnphpbb | pnphpbb2 | * | cpe:2.3:a:pnphpbb:pnphpbb2:*:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.0 | cpe:2.3:a:pnphpbb:pnphpbb2:1.0:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.1 | cpe:2.3:a:pnphpbb:pnphpbb2:1.1:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.1a | cpe:2.3:a:pnphpbb:pnphpbb2:1.1a:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2 | cpe:2.3:a:pnphpbb:pnphpbb2:1.2:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2a | cpe:2.3:a:pnphpbb:pnphpbb2:1.2a:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2d | cpe:2.3:a:pnphpbb:pnphpbb2:1.2d:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2e | cpe:2.3:a:pnphpbb:pnphpbb2:1.2e:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2f | cpe:2.3:a:pnphpbb:pnphpbb2:1.2f:*:*:*:*:*:*:* |
pnphpbb | pnphpbb2 | 1.2g | cpe:2.3:a:pnphpbb:pnphpbb2:1.2g:*:*:*:*:*:*:* |