CVE-2007-3085
Description
Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
32- osvdb.org/38759nvd
- osvdb.org/38760nvd
- osvdb.org/38761nvd
- osvdb.org/38762nvd
- osvdb.org/38763nvd
- osvdb.org/38764nvd
- osvdb.org/38765nvd
- osvdb.org/38766nvd
- osvdb.org/38767nvd
- osvdb.org/38768nvd
- osvdb.org/38769nvd
- osvdb.org/38770nvd
- osvdb.org/38771nvd
- osvdb.org/38772nvd
- osvdb.org/38773nvd
- osvdb.org/38774nvd
- osvdb.org/38775nvd
- osvdb.org/38776nvd
- osvdb.org/38777nvd
- osvdb.org/38778nvd
- osvdb.org/38779nvd
- osvdb.org/38780nvd
- osvdb.org/38781nvd
- osvdb.org/38782nvd
- osvdb.org/38783nvd
- osvdb.org/38784nvd
- osvdb.org/38785nvd
- osvdb.org/38786nvd
- securityreason.com/securityalert/2777nvd
- www.securityfocus.com/archive/1/470239/100/0/threadednvd
- www.securityfocus.com/archive/1/470347/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34675nvd
News mentions
0No linked articles in our index yet.