3 matches found
CVE-2008-1862
ExBB Italia 0.22 and earlier are affected by PHP remote file inclusion vulnerabilities. The CVE-2008-1862 family describes checks on GET requests via QUERY_STRING that can be bypassed using POST or COOKIE variables, enabling RFI through URLs in the exbb[home_path] or new_exbb[home_path] parameter...
CVE-2006-4488
ExBB Italia
CVE-2008-1861
CVE-2008-1861 affects ExBB Italia version 0.22 and earlier. A directory traversal flaw in modules/threadstop/threadstop.php allows remote attackers to include and execute arbitrary local files via a .. in the exbb[default_lang] parameter when register_globals is enabled and magic_quotes_gpc is di...