CVE-2007-3085

critical

Description

Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34675

http://www.securityfocus.com/archive/1/470347/100/0/threaded

http://www.securityfocus.com/archive/1/470239/100/0/threaded

http://securityreason.com/securityalert/2777

http://osvdb.org/38786

http://osvdb.org/38785

http://osvdb.org/38784

http://osvdb.org/38783

http://osvdb.org/38782

http://osvdb.org/38781

http://osvdb.org/38780

http://osvdb.org/38779

http://osvdb.org/38778

http://osvdb.org/38777

http://osvdb.org/38776

http://osvdb.org/38775

http://osvdb.org/38774

http://osvdb.org/38773

http://osvdb.org/38772

http://osvdb.org/38771

http://osvdb.org/38770

http://osvdb.org/38769

http://osvdb.org/38768

http://osvdb.org/38767

http://osvdb.org/38766

http://osvdb.org/38765

http://osvdb.org/38764

http://osvdb.org/38763

http://osvdb.org/38762

http://osvdb.org/38761

http://osvdb.org/38760

http://osvdb.org/38759

Details

Source: Mitre, NVD

Published: 2007-06-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.02282