CVE-2007-3401

Description

PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter.

Affected products

• b1g / b1gbb2.24 – 2.24

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/25837
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/35035
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/2321
• MISChttp://www.securityfocus.com/bid/24624
• EXPLOIThttps://www.exploit-db.com/exploits/4102
• MISChttp://osvdb.org/36291