Integramod.Portal.Phpbb_Root_Path.File.Inclusion
Description
Integramod Portal has a remote file-include vulnerability. A remote attacker could execute an arbitrary script on the web server, with the privileges of the server, via a specially-crafted URL request to the 'includes/functions_portal.php' script, by using the 'phpbb_root_path' parameter to specify a malicious PHP file from a remote system.
Affected Products
IntegraMOD 2.x and prior.
Impact
Gain Access.
Recommended Actions
Currently we are not aware of any vendor-supplied patches for this issue.
http://www.integramod2.com/forum/portal.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |