vendor:
Omegaboard
by:
xoron
7.5
CVSS
HIGH
Remote File Include
CWE
Product Name: Omegaboard
Affected Version From: v1.0b4
Affected Version To: v1.0b4
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit
This exploit allows an attacker to include arbitrary remote files in the target system using the 'phpbb_root_path' parameter in the 'functions.php' file of Omegaboard v1.0b4. By manipulating the 'phpbb_root_path' parameter, an attacker can execute malicious code or gain unauthorized access to the target system.
Mitigation:
To mitigate this vulnerability, it is recommended to update to a patched version of Omegaboard that fixes the remote file inclusion vulnerability. Additionally, ensure that the 'phpbb_root_path' parameter is properly sanitized and validated before including any files.
