include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution.
References
Configurations
History
No history.
Information
Published : 2007-02-24 00:28
Updated : 2024-02-28 11:01
NVD link : CVE-2006-7047
Mitre link : CVE-2006-7047
CVE.ORG link : CVE-2006-7047
JSON object : View
Products Affected
shoutpro
- shoutpro
CWE
CWE-264
Permissions, Privileges, and Access Controls