Remote File Inclusion Vulnerability in phpBB by phpBB Group
CVE-2006-5435

Currently unrated

Key Information:

Vendor: PHPbb Group
Status: PHPbb
Vendor: CVE Published:; 20 October 2006

🔔 Create PHPbb Group Vulnerability Alert

What is CVE-2006-5435?

phpBB versions 2.0.10 and earlier are vulnerable to a remote file inclusion attack through the groupcp.php script. Attackers can exploit this vulnerability to execute arbitrary PHP code by injecting a malicious URL into the phpbb_root_path parameter, though it is worth noting that the vendor argues this parameter's definition precedes its usage. This flaw poses a significant risk if not addressed promptly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/449114/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/449232/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2006
Vulnerability Reserved
Oct 20, 2006

JSON

PHPbb Group

What is CVE-2006-5435?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.