CVE-2006-2675

PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.

Affected Software

Name	Vendor	Start Version	End Version
Ubb.threads	Ubbcentral	*	6.5.3 (including)
Ubb.threads	Ubbcentral	3.4 (including)	3.4 (including)
Ubb.threads	Ubbcentral	3.5 (including)	3.5 (including)
Ubb.threads	Ubbcentral	5.0 (including)	5.0 (including)
Ubb.threads	Ubbcentral	5.5.1 (including)	5.5.1 (including)
Ubb.threads	Ubbcentral	6.0 (including)	6.0 (including)
Ubb.threads	Ubbcentral	6.0.1 (including)	6.0.1 (including)
Ubb.threads	Ubbcentral	6.0.2 (including)	6.0.2 (including)
Ubb.threads	Ubbcentral	6.0.3 (including)	6.0.3 (including)
Ubb.threads	Ubbcentral	6.1 (including)	6.1 (including)
Ubb.threads	Ubbcentral	6.1.1 (including)	6.1.1 (including)
Ubb.threads	Ubbcentral	6.2 (including)	6.2 (including)
Ubb.threads	Ubbcentral	6.2.1 (including)	6.2.1 (including)
Ubb.threads	Ubbcentral	6.2.2 (including)	6.2.2 (including)
Ubb.threads	Ubbcentral	6.2.3 (including)	6.2.3 (including)
Ubb.threads	Ubbcentral	6.3 (including)	6.3 (including)
Ubb.threads	Ubbcentral	6.3.1 (including)	6.3.1 (including)
Ubb.threads	Ubbcentral	6.4 (including)	6.4 (including)
Ubb.threads	Ubbcentral	6.4.1 (including)	6.4.1 (including)
Ubb.threads	Ubbcentral	6.4.2 (including)	6.4.2 (including)
Ubb.threads	Ubbcentral	6.4.3 (including)	6.4.3 (including)
Ubb.threads	Ubbcentral	6.4.4 (including)	6.4.4 (including)
Ubb.threads	Ubbcentral	6.5 (including)	6.5 (including)
Ubb.threads	Ubbcentral	6.5.1 (including)	6.5.1 (including)
Ubb.threads	Ubbcentral	6.5.1.1 (including)	6.5.1.1 (including)
Ubb.threads	Ubbcentral	6.5.2 (including)	6.5.2 (including)
Ubb.threads	Ubbcentral	6.5.2_beta2 (including)	6.5.2_beta2 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2675
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References