Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.
Max CVSS
7.5
EPSS Score
2.90%
Published
2007-04-03
Updated
2017-10-11
Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the table parameter.
Max CVSS
5.0
EPSS Score
0.54%
Published
2005-01-20
Updated
2017-07-11
2 vulnerabilities found