PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pabugs | Php_arena | * | 2.0_beta_3 (including) |
References
- http://www.securityfocus.com/bid/20222
- http://www.vupen.com/english/advisories/2006/3784
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29179
- https://www.exploit-db.com/exploits/2437
- http://www.securityfocus.com/bid/20222
- http://www.vupen.com/english/advisories/2006/3784
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29179
- https://www.exploit-db.com/exploits/2437