Remote file inclusion

2007-02-2200:28:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.118 Low

EPSS

Percentile

95.4%

JSON

PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention “Ultimate Fun Board,” but this appears to be an error.

CPENameOperatorVersion
ultimate_fun_bookeq1.02

CPE	Name	Operator	Version
	ultimate_fun_book	eq	1.02

References

osvdb.org/33305

secunia.com/advisories/24219

www.securityfocus.com/bid/22633

www.vupen.com/english/advisories/2007/0675

exchange.xforce.ibmcloud.com/vulnerabilities/32584

www.exploit-db.com/exploits/3336