N/A

Multiple directory traversal vulnerabilities in PNphpBB2 1.2i and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ModName parameter to (1) admin_words.php, (2) admin_groups_reapir.php, (3) admin_smilies.php, (4) admin_ranks.php, (5) admin_styles.php, and (6) admin_users.php in admin/.

N/A

N/A

PNphpBB2　参数ModName　多个目录遍历漏洞

PNphpBB2 1.2i版本及其早期版本中存在多个目录遍历漏洞。远程攻击者可以借助对(1)admin_words.php,(2)admin_groups_reapir.php, (3)admin_smilies.php,(4)admin_ranks.php,(5)admin_styles.php,和(6)admin/中的admin_users.php的ModName参数中的一个..，包含和运行任意本地文件。

N/A

N/A