Phpbb Group » Phpbb » 2.0.5 : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion)
PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use
Max CVSS
7.5
EPSS Score
0.68%
Published
2006-10-20
Updated
2024-03-21
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Max CVSS
7.5
EPSS Score
5.82%
Published
2006-10-10
Updated
2017-10-19
PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $page variable. It is possible that this is a site-specific vulnerability, or an issue in a mod
Max CVSS
7.5
EPSS Score
6.78%
Published
2006-06-06
Updated
2024-03-21
3 vulnerabilities found