CVE-2008-3707
https://notcve.org/view.php?id=CVE-2008-3707
Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to execute arbitrary PHP code via a URL in the script_path parameter to (1) flat_read.php, (2) post.php, (3) process_post.php, (4) process_search.php, (5) forum.php, (6) process_subscribe.php, (7) read.php, (8) search.php, (9) subscribe.php in path/; and (10) add_ban.php, (11) add_ban_form.php, (12) add_board.php, (13) add_vip.php, (14) add_vip_form.php, (15) copy_ban.php, (16) copy_vip.php, (17) delete_ban.php, (18) delete_board.php, (19) delete_messages.php, (20) delete_vip.php, (21) edit_ban.php, (22) edit_board.php, (23) edit_vip.php, (24) index.php, (25) lock_messages.php, (26) login.php, (27) modify_ban_list.php, (28) modify_vip_list.php, (29) move_messages.php, (30) process_add_board.php, (31) process_ban.php, (32) process_delete_ban.php, (33) process_delete_board.php, (34) process_delete_messages.php, (35) process_delete_vip.php, (36) process_edit_board.php, (37) process_lock_messages.php, (38) process_login.php, (39) process_move_messages.php, (40) process_sticky_messages.php, (41) process_vip.php, and (42) sticky_messages.php in path/adminopts. NOTE: the include/common.php vector is covered by CVE-2006-2871. NOTE: some of these vectors might not be vulnerabilities under proper installation. 
• http://packetstormsecurity.org/0808-exploits/cyboards-rfilfixss.txt
• http://www.attrition.org/pipermail/vim/2008-August/002052.html
• http://www.securityfocus.com/bid/30688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/44474
• CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2008-3710
https://notcve.org/view.php?id=CVE-2008-3710
Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation.
• http://packetstormsecurity.org/0808-exploits/cyboards-rfilfixss.txt
• http://www.attrition.org/pipermail/vim/2008-August/002052.html
• http://www.securityfocus.com/bid/30688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/44475
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2008-3709
https://notcve.org/view.php?id=CVE-2008-3709
Multiple cross-site scripting (XSS) vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to inject arbitrary web script or HTML via the (1) lOptionsOptions, (2) lNavAdminOptions, or (3) lNavReturn parameter to options.php; or the (4) lNavReturn parameter to subscribe.php.
• http://packetstormsecurity.org/0808-exploits/cyboards-rfilfixss.txt
• http://www.attrition.org/pipermail/vim/2008-August/002052.html
• http://www.securityfocus.com/bid/30688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/44476
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2007-1983 – CyBoards PHP Lite 1.21 - 'script_path' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-1983
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than CVE-2006-2871.
• https://www.exploit-db.com/exploits/3660
• http://osvdb.org/35300
• http://www.attrition.org/pipermail/vim/2007-April/001509.html
• http://www.securityfocus.com/bid/23306
• https://exchange.xforce.ibmcloud.com/vulnerabilities/33406