2 matches found
CVE-2006-4004
Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into a...
CVE-2006-4004
CVE-2006-4004 describes a directory traversal vulnerability in vbPortal versions 3.0.2 through 3.6.0 Beta 1. When magic_quotes_gpc is disabled, remote attackers can cause the application to include and execute local files by manipulating directory traversal sequences in the bbvbplang cookie. The ...