Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

PBLang BBS <= 4.65 Multiple Vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
Checks for multiple vulnerabilities in PBLang BBS <= 4.65

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that suffers from
multiple flaws.

Description :

According to its banner, the remote host is running a version of
PBLang BBS, a bulletin board system written in PHP, that suffers from
the following vulnerabilities:

- HTML Injection Vulnerability in pmpshow.php.
A possible hacker can inject arbitrary HTML and script into the
body of PMs sent to users allowing for theft of
authentication cookies or misrepresentation of the site.

- Cross-Site Scripting Vulnerability in search.php.
If a possible hacker can trick a user into following a specially
crafted link to search.php from an affected version of
PBLang, he can inject arbitrary script into the user's
browser to, say, steal authentication cookies.

- Remote PHP Script Injection Vulnerability in ucp.php.
PBLang allows a user to enter a PHP script into his/her
profile values, to be executed with the permissions of
the web server user whenever the user logs in.

- Directory Traversal Vulnerability in sendpm.php.
A logged-in user can read arbitrary files, subject to
permissions of the web server user, by passing full
pathnames through the 'orig' parameter when calling

- Arbitrary Personal Message Deletion Vulnerability in delpm.php.
A logged-in user can delete anyone's personal messages by
passing a PM id through the 'id' parameter and a username
through the 'a' parameter when calling delpm.php.

See also :

Solution :

Upgrade to PBLang 4.66z or later.

Threat Level:

Low / CVSS Base Score : 2

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.