CVE-2006-4759
Published: Sep 13, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to admin_options.php with an avatars_dir parameter ending in %00. NOTE: this issue was originally disputed by the vendor, but the dispute was withdrawn on 20060926.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| http://forums.punbb.org/viewtopic.php?id=13255 | x_refsource_CONFIRM |
| 20060919 Dispute - CVE-2006-4759 - PunBB | mailing-list, x_refsource_VIM |
| 20060911 ShAnKaR: multiple PHP application poison NULL byte vulnerability | mailing-list, x_refsource_BUGTRAQ |
| 20060926 PunBB - more | mailing-list, x_refsource_VIM |
| 20060919 Re: ShAnKaR: multiple PHP application poison NULL byte vulnerability | mailing-list, x_refsource_BUGTRAQ |
| 20060925 PunBB - more | mailing-list, x_refsource_VIM |
| phpbb-nullbyte-file-upload(28884) | vdb-entry, x_refsource_XF |
| http://www.security.nnov.ru/Odocument221.html | x_refsource_MISC |