PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pblang | Pblang | * | 4.66z (including) |
| Pblang | Pblang | 4.0 (including) | 4.0 (including) |
| Pblang | Pblang | 4.6 (including) | 4.6 (including) |
| Pblang | Pblang | 4.56_4.5_rc2 (including) | 4.56_4.5_rc2 (including) |
| Pblang | Pblang | 4.63 (including) | 4.63 (including) |
| Pblang | Pblang | 4.65 (including) | 4.65 (including) |
| Pblang | Pblang | 4.66 (including) | 4.66 (including) |
References
- http://secunia.com/advisories/22121
- http://www.securityfocus.com/bid/20184
- http://www.vupen.com/english/advisories/2006/3772
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29139
- https://www.exploit-db.com/exploits/2428
- http://secunia.com/advisories/22121
- http://www.securityfocus.com/bid/20184
- http://www.vupen.com/english/advisories/2006/3772
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29139
- https://www.exploit-db.com/exploits/2428