Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| joomlaboard | joomlaboard | * |