PunBB.Register.PHP.Local.File.Inclusion
Description
This indicates an attempt to exploit a local file inclusion vulnerability in PunBB.
PunBB has a local file inclusion vulnerability. It may allow a remote attacker to execute arbitrary scripts on a web server, with the privileges of the server. This can be accomplished via a specially crafted URL request to the 'register.php' script, using the 'language' parameter to specify a malicious PHP file from a remote system.
Affected Products
PunBB version 1.2.13 and prior.
Impact
System compromise.
Recommended Actions
Upgrade to PunBB version 1.2.14 :
http://bfexplorer.sourceforge.net/downloads.php
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |