Vulnerability in N/a
CVE-2007-4906
PHP remote file inclusion vulnerability in tasks/send_queued_emails.php in NuclearBB Alpha 2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
EPSS: 0.621 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 4395 (exploit, x_refsource_EXPLOIT-DB)
- 3142 (x_refsource_SREASON, third-party-advisory)
- 38978 (x_refsource_OSVDB, vdb-entry)
- nuclearbb-sendqueuedemails-file-include(36556) (vdb-entry, x_refsource_XF)
- 20070911 NuclearBB Alpha 2 Remote File Inclusion (mailing-list, x_refsource_BUGTRAQ)