CVE-2006-2151

2006-05-0310:00:00

mitre

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.1 Low

EPSS

Percentile

95.0%

JSON

PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter.

References

secunia.com/advisories/19884

www.osvdb.org/25260

www.vupen.com/english/advisories/2006/1601

exchange.xforce.ibmcloud.com/vulnerabilities/26172

www.exploit-db.com/exploits/1722

www.exploit-db.com/exploits/1724