Intrusion PreventionPunBB.Register.PHP.Local.File.Inclusion
Description
This indicates an attempt to exploit a local file inclusion vulnerability in PunBB.
PunBB has a local file inclusion vulnerability. It may allow a remote attacker to execute arbitrary scripts on a web server, with the privileges of the server. This can be accomplished via a specially crafted URL request to the 'register.php' script, using the 'language' parameter to specify a malicious PHP file from a remote system.
Affected Products
PunBB version 1.2.13 and prior.
Impact
System compromise.
Recommended Actions
Upgrade to PunBB version 1.2.14 :
http://bfexplorer.sourceforge.net/downloads.php
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 |
| ID | 15250 |
| Created | Jan 04, 2008 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2006-5735 |
| Exploit Prediction Score | 1.62% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, Solaris, MacOS |
| Affected App | PHP_app |