HTTP: PHPForum MAIN_PATH Remote File Include
This signature detects an attempt to force PHP Forum to include and execute PHP code from a remote Web server. The vulnerability was shown to be present in PHPForum version 2 RC1.
Extended Description
phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of the web server process.
Affected Products
Phpforum phpforum
References
BugTraq: 8158
URL: http://www.securityfocus.com/archive/1/328675 http://www.phpmyforum.de/
Short Name
HTTP:PHP:PHPFORUM-INC
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
File Include MAIN_PATH PHPForum Remote bid:8158
Release Date
10/08/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Phpforum