PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gnuboard | Sir | 3.30 (including) | 3.30 (including) |
Gnuboard | Sir | 3.31 (including) | 3.31 (including) |
Gnuboard | Sir | 3.32 (including) | 3.32 (including) |
Gnuboard | Sir | 3.33 (including) | 3.33 (including) |
Gnuboard | Sir | 3.34 (including) | 3.34 (including) |
Gnuboard | Sir | 3.35 (including) | 3.35 (including) |
Gnuboard | Sir | 3.36 (including) | 3.36 (including) |
Gnuboard | Sir | 3.37 (including) | 3.37 (including) |
Gnuboard | Sir | 3.38 (including) | 3.38 (including) |
Gnuboard | Sir | 3.39 (including) | 3.39 (including) |