CVE-2006-5735

Publication date

2006-11-06 18:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in include/common.php in PunBB before 1.2.14 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the language parameter, related to register.php storing a language value in the users table.