CVE-2004-1582 - Abstruse Misfits

Description

PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called \libpach) to reference a URL on a remote web server that contains _more.php as demonstrated using checkdb.inc.php.

Reference

http://blackboard.unclassified.de/701#1031 http://www.securityfocus.com/bid/11336 http://secunia.com/advisories/12757 http://marc.info/?l=bugtraq&m=109707701719659&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/17637