Phpbb Group » Phpbb » 2.0.8 : Security Vulnerabilities, CVEs, (File inclusion)
PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use
Max CVSS
7.5
EPSS Score
0.68%
Published
2006-10-20
Updated
2024-04-11
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Max CVSS
7.5
EPSS Score
5.82%
Published
2006-10-10
Updated
2017-10-19
PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $page variable. It is possible that this is a site-specific vulnerability, or an issue in a mod
Max CVSS
7.5
EPSS Score
6.78%
Published
2006-06-06
Updated
2024-04-11
PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
Max CVSS
7.5
EPSS Score
4.73%
Published
2004-04-19
Updated
2017-07-11
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
Max CVSS
7.5
EPSS Score
4.06%
Published
2004-12-31
Updated
2017-07-11
5 vulnerabilities found