SIR : Security Vulnerabilities, CVEs, Published In 2009 (Code Execution)
Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname.
Max CVSS
6.8
EPSS Score
2.16%
Published
2009-01-27
Updated
2017-09-29
1 vulnerabilities found