7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.152 Low
EPSS
Percentile
95.7%
Added: 12/28/2005
CVE: CVE-2005-2086
BID: 14086
OSVDB: 17613
phpBB is an open-source bulletin board package written in PHP.
This is a variant of an older vulnerability which allows remote command execution by requesting **viewtopic.php**
with a specially crafted **highlight**
parameter.
Upgrade to the latest version of phpBB.
<http://archives.neohapsis.com/archives/bugtraq/2005-06/0256.html>