PHP Remote File Inclusion Vulnerability in Fully Modded phpBB2
CVE-2007-2257

Currently unrated

Key Information:

Vendor: Fully Modded PHPbb
Status: Fully Modded PHPbb2
Vendor: CVE Published:; 25 April 2007

🔔 Create Fully Modded PHPbb Vulnerability Alert

What is CVE-2007-2257?

The vulnerability in Fully Modded phpBB2 creates a potential security risk by allowing remote attackers to include files via the phpbb_root_path parameter in subscp.php. This can lead to the unauthorized execution of arbitrary PHP code, compromising the integrity and security of the web application and potentially exposing sensitive data. Proper validation and sanitization measures are crucial to mitigate this risk effectively.

References

http://securityreason.com/securityalert/2621

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/33751

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/466177/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2007
Vulnerability Reserved
Apr 25, 2007

CVE-2007-2257 Data

JSON