Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Forum | Minibb | 1.5a (including) | 1.5a (including) |