Skip to main content

CVE-2006-2283

Severity High
Score 7.5/10

Summary

Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published