Back to search
CVE-2012-4036
Published: Aug 27, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2012-1216.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.htbridge.com/advisory/HTB23101
x_refsource_MISC
http://www.pbboard.com/forums/t10353.html
x_refsource_MISC
pbboard-admin-security-bypass(77508)
vdb-entry
x_refsource_XF
54916
vdb-entry
x_refsource_BID
http://www.pbboard.com/forums/t10352.html
x_refsource_MISC
84479
vdb-entry
x_refsource_OSVDB
50153
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now