CVE-2006-1800 Information

Description

Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ..\ sequences in the language cookie, as demonstrated by injecting the code into the gl_session cookie of users.php, which is stored in error.log.

Reference

http://downloads.securityfocus.com/vulnerabilities/exploits/SimpleBBS-RCE-posts.php.pl
http://www.securityfocus.com/archive/1/430872
http://www.securityfocus.com/bid/17501
http://www.worlddefacers.de/Public/WD-SMPL.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/25788
