Splatt Forum

CVEs (1)

• CVE-2007-1633Mar 23, 2007
  Giorgio Ciranni

  Splatt Forum
  risk 0.03cvss —epss 0.06

  Directory traversal vulnerability in bbcode_ref.php in the Giorgio Ciranni Splatt Forum 4.0 RC1 module for PHP-Nuke allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the name parameter, as demonstrated by injecting PHP sequences into an…