Remote File Inclusion Vulnerability in phpBB by phpBB Group
CVE-2006-5235

Currently unrated

Key Information:

Vendor: Dimension Of PHPbb
Status: Dimension Of PHPbb
Vendor: CVE Published:; 11 October 2006

What is CVE-2006-5235?

A remote file inclusion vulnerability exists in the phpBB software within the includes/functions_kb.php file. This flaw enables attackers to execute arbitrary PHP code by crafting a malicious URL in the phpbb_root_path parameter. Users running phpBB version 0.2.6 or earlier are particularly at risk, as the vulnerability allows unauthorized code execution, potentially leading to compromise of the hosting server. Organizations are urged to update their phpBB installations to mitigate this risk.

References

http://www.vupen.com/english/advisories/2006/3923

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Oct 11, 2006
Vulnerability Reserved
Oct 10, 2006

Dimension Of PHPbb

What is CVE-2006-5235?

References

Timeline