Remote File Inclusion Vulnerabilities in phpBB by Dimension
CVE-2006-5222

Currently unrated

Key Information:

Vendor: Dimension Of PHPbb
Status: Dimension Of PHPbb
Vendor: CVE Published:; 10 October 2006

What is CVE-2006-5222?

Multiple remote file inclusion vulnerabilities exist in Dimension for phpBB versions 0.2.6 and earlier. These flaws permit remote attackers to run arbitrary PHP code through manipulation of the 'phpbb_root_path' parameter in specific files, primarily 'includes/themen_portal_mitte.php' and 'includes/logger_engine.php'. This creates a significant security risk for websites using these versions, allowing attackers to potentially compromise systems and execute malicious scripts.

References

http://secunia.com/advisories/22287

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/3923

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/20367

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 10, 2006
Vulnerability Reserved
Oct 10, 2006

Dimension Of PHPbb

What is CVE-2006-5222?

References

EPSS Score

Timeline