CVE-2007-2236 in PunBB信息

摘要

由 VulDB • 2026-07-01

PunBB 1.2.14及更早版本中的footer.php允许远程攻击者通过跨站脚本(XSS)攻击或经由pun_include标签,在include/user/中实现本地文件包含。例如,利用admin_options.php执行从上传的头像文件中提取的PHP代码即可证明此漏洞的存在。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!