Vulnerability Description
PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL on a remote web server that contains _more.php, as demonstrated using checkdb.inc.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blackboard Internet Newsboard System | Blackboard Internet Newsboard System | 1.5.1 |
References
- http://blackboard.unclassified.de/70%2C1#1031
- http://marc.info/?l=bugtraq&m=109707701719659&w=2
- http://secunia.com/advisories/12757PatchVendor Advisory
- http://www.securityfocus.com/bid/11336Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17637
- http://blackboard.unclassified.de/70%2C1#1031
- http://marc.info/?l=bugtraq&m=109707701719659&w=2
- http://secunia.com/advisories/12757PatchVendor Advisory
- http://www.securityfocus.com/bid/11336Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17637
FAQ
What is CVE-2004-1582?
CVE-2004-1582 is a vulnerability with a CVSS score of 7.5 (HIGH). PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL o...
How severe is CVE-2004-1582?
CVE-2004-1582 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1582?
Check the references section above for vendor advisories and patch information. Affected products include: Blackboard Internet Newsboard System Blackboard Internet Newsboard System.