Phpbb : Security Vulnerabilities, CVEs, Published In 2008 (File inclusion)
Multiple PHP remote file inclusion vulnerabilities in the 123 Flash Chat Module for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) 123flashchat.php and (2) phpbb_login_chat.php. NOTE: CVE disputes this issue because $phpbb_root_path is explicitly set to "./" in both programs
Max CVSS
6.8
EPSS Score
0.64%
Published
2008-03-05
Updated
2024-04-11
1 vulnerabilities found