2 matches found
CVE-2006-4368
CVE-2006-4368 concerns a PHP remote file inclusion in IntegraMOD Portal 2.x and earlier. The flaw resides in includes/functions_portal.php, where an attacker can supply a URL via the phpbb_root_path parameter to execute arbitrary PHP code on the remote server. Affected software is IntegraMOD Port...
CVE-2006-4369
CVE-2006-4369 affects IntegraMOD Portal 2.x and earlier. The vulnerability resides in the PHP file includes/functions_portal.php and is exploitable when magic_quotes_gpc is disabled . An attacker can perform an absolute path traversal by supplying an absolute path to the phpbb_root_path parameter...