An attacker must supply valid administrator authentication credentials in order to exploit this vulnerability. It is common for phpBB administrators to be restricted from the privileges required to execute arbitrary PHP code.
Vendor URL: http://www.phpbb.com/
Related OSVDB ID: 31370
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0284.html
Bugtraq ID: 17573