miniBB RSS 2.0 Plugin Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30421/info The RSS plugin for miniBB is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the...

MiniBB PathToFiles Parameter Remote File Include Vulnerability

The remote web server contains a PHP script that is affected by a remote file include issue. Description: The remote web server is running MiniBB, an open source forum software. The version of MiniBB installed on the remote host fails to sanitize input to the 'pathToFiles' parameter before using ...

miniBB RSS插件远程文件包含漏洞

BUGTRAQ ID: 30421 CNCAN ID：CNCAN-2008073001 miniBB是一款基于PHP的论坛程序。 miniBB不正确过滤用户提交的参数，远程攻击者可以利用漏洞以WEB进程权限执行任意PHP代码。 miniBB包含的RSS插件脚本不正确过滤用户提交的WEB参数，指定远程服务器上的任意文件作为包含对象，可导致以WEB进程权限执行任意PHP代码。 Paul Puzyrev RSS 2.0 目前没有解决方案提供： http://www.minibb.com/download.htmladdons...