phpBB Allows Remote Code Execution Through Admin Panel Access
CVE-2006-1896

Currently unrated

Key Information:

Vendor

PHPbb Group

Status
PHPbb
Vendor
CVE Published:
20 April 2006

What is CVE-2006-1896?

An unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code. This can occur via crafted Font Colour 3 ($theme[fontcolor3] variable) or signature values, potentially involving the highlight functionality. The report does not specify whether this issue is related to static code injection, eval injection, or another form of exploitation. This vulnerability poses significant risks, enabling unauthorized actions within the application.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/431015/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.debian.org/security/2006/dsa-1066
vendor-advisoryx_refsource_DEBIAN
https://exchange.xforce.ibmcloud.com/vulnerabilities/25889
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.