{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2007-3085", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Multiple PHP remote file inclusion vulnerabilities in PBSite allow remote attackers to execute arbitrary PHP code via a URL in the (1) dbpath parameter to (a) useronline.php, (b) ucp.php, (c) setcookie.php, (d) sendpm.php, (e) search.php, (f) register.php, (g) profile.php, (h) post.php, (i) pmpshow.php, (j) pm.php, (k) ntopic.php, (l) nreply.php, (m) news.php, (n) memberslist.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (u) editpost.php, (v) delpost.php, (w) delpm.php, (x) confirm.php, (y) board.php, (z) admin2.php, (aa) admin.php, or (bb) templates/pb/css/formstyles.php; or the (2) temppath parameter to (a) useronline.php, (c) setcookie.php, (e) search.php, (f) register.php, (h) post.php, (l) nreply.php, (m) news.php, (o) logout.php, (p) login.php, (q) index.php, (r) help.php, (s) forum.php, (t) error.php, (w) delpm.php, (x) confirm.php, or (y) board.php." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20070601 PBSite - PHP Bulletin Site | CMS ====> RFI", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/470239/100/0/threaded" }, { "name" : "20070602 PBSite - PHP Bulletin Site | CMS ====> RFI", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/470347/100/0/threaded" }, { "name" : "38759", "refsource" : "OSVDB", "url" : "http://osvdb.org/38759" }, { "name" : "38760", "refsource" : "OSVDB", "url" : "http://osvdb.org/38760" }, { "name" : "38761", "refsource" : "OSVDB", "url" : "http://osvdb.org/38761" }, { "name" : "38762", "refsource" : "OSVDB", "url" : "http://osvdb.org/38762" }, { "name" : "38763", "refsource" : "OSVDB", "url" : "http://osvdb.org/38763" }, { "name" : "38764", "refsource" : "OSVDB", "url" : "http://osvdb.org/38764" }, { "name" : "38765", "refsource" : "OSVDB", "url" : "http://osvdb.org/38765" }, { "name" : "38766", "refsource" : "OSVDB", "url" : "http://osvdb.org/38766" }, { "name" : "38767", "refsource" : "OSVDB", "url" : "http://osvdb.org/38767" }, { "name" : "38768", "refsource" : "OSVDB", "url" : "http://osvdb.org/38768" }, { "name" : "38769", "refsource" : "OSVDB", "url" : "http://osvdb.org/38769" }, { "name" : "38770", "refsource" : "OSVDB", "url" : "http://osvdb.org/38770" }, { "name" : "38771", "refsource" : "OSVDB", "url" : "http://osvdb.org/38771" }, { "name" : "38772", "refsource" : "OSVDB", "url" : "http://osvdb.org/38772" }, { "name" : "38773", "refsource" : "OSVDB", "url" : "http://osvdb.org/38773" }, { "name" : "38774", "refsource" : "OSVDB", "url" : "http://osvdb.org/38774" }, { "name" : "38775", "refsource" : "OSVDB", "url" : "http://osvdb.org/38775" }, { "name" : "38776", "refsource" : "OSVDB", "url" : "http://osvdb.org/38776" }, { "name" : "38777", "refsource" : "OSVDB", "url" : "http://osvdb.org/38777" }, { "name" : "38778", "refsource" : "OSVDB", "url" : "http://osvdb.org/38778" }, { "name" : "38779", "refsource" : "OSVDB", "url" : "http://osvdb.org/38779" }, { "name" : "38780", "refsource" : "OSVDB", "url" : "http://osvdb.org/38780" }, { "name" : "38781", "refsource" : "OSVDB", "url" : "http://osvdb.org/38781" }, { "name" : "38782", "refsource" : "OSVDB", "url" : "http://osvdb.org/38782" }, { "name" : "38783", "refsource" : "OSVDB", "url" : "http://osvdb.org/38783" }, { "name" : "38784", "refsource" : "OSVDB", "url" : "http://osvdb.org/38784" }, { "name" : "38785", "refsource" : "OSVDB", "url" : "http://osvdb.org/38785" }, { "name" : "38786", "refsource" : "OSVDB", "url" : "http://osvdb.org/38786" }, { "name" : "2777", "refsource" : "SREASON", "url" : "http://securityreason.com/securityalert/2777" }, { "name" : "pbsite-dbpathtemppath-file-include(34675)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34675" } ] } }