[VIM] dispute: older CyBoards common.php RFI (CVE-2006-2871)

Steven M. Christey coley at mitre.org
Thu Apr 12 00:09:36 UTC 2007


Researcher: SpC-x
Ref: CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion
     http://www.securityfocus.com/archive/1/archive/1/435977/100/0/threaded

Using the 1.25 code referenced in the previous post, we have:

  include("/home/www/forums/include/config.php");
  include($script_path."/db/mysql.php");

  ... and later uses.

Inspections suggests that a failed inclusion would cause lots of
problems, so the pathname would need to be changed during
installation; this is also documented in readme.txt.

config.php itself has:

  $script_path = "/home/www/forums";                 // Unix path to the forum directory. Do not include a trailing slash

config.php doesn't have any nested includes, requires, dynamic
evaluation, or extract.

$script_path is used in other include's in common.php but have the
same negative results.

- Steve


More information about the VIM mailing list