PT-2008-2764 · Phpbb · 123 Flash Chat Module

Name of the Vulnerable Software and Affected Versions: 123 Flash Chat Module for phpBB affected versions not specified Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter to 1 "123flashchat.php" and 2 "phpbb login chat.php"...

PT-2007-6257 · Universibo · Universibo

Name of the Vulnerable Software and Affected Versions: UniversiBO version 1.3.4 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter in the htmls/forum/includes/topic review.php file. This is due to a remote file inclusion...

MXBB MX Smartor Module PHPBB_Root_Path远程文件包含漏洞

mxBB Smartor Album module是一款基于PHP的WEB应用程序。 mxBB Smartor Album module不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'adminalbumotf.php'脚本对用户提交的'PHPBBRootPath'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 mxBB Smartor Album module 2.0 RC1 目前没有解决方案提供： http://www.mx-system.com/...

PT-2006-6318 · Phpbb · Phpbb

Name of the Vulnerable Software and Affected Versions: phpBB versions prior to the version that fixes the issue in Fully Modded phpBB phpbbfm 2021.4.40 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter. This is a result of a PH...

phpBB RPG Events 1.0 functions_rpg_events Remote File Include Exploit

No description provided by source. !/usr/bin/perl PHPBB RPG Events 1.0.0 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high...

phpBB Static Topics <= 1.0 [phpbb_root_path] Remote File Include Vulnerability

--------------------------------------------------------------------------- phpBB Static Topics = 1.0 phpbbrootpath Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net :...

Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion

Buzlas 2006-1 Full - ArchiveTopic.php Remote File Inclusion source: https://www.securityfocus.com/bid/20511/info Buzlas is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the...

phpBB XS <= 0.58a (phpbb_root_path) Remote File Include Vulnerability

No description provided by source. phpBB XS = 0.58 phpbbrootpath Remote File Include Vulnerability2 Author: XORON - SHiKaA URL: http://www.comscripts.com/jump.php?action=script&id=1082 Class: Remote Code: include$phpbbrootpath . 'language/lang' . $boardconfig'defaultlang' . '/langbbcbmg.' . $phpE...

PT-2006-5449 · Premod · Premod Shadow

Name of the Vulnerable Software and Affected Versions: Premod Shadow versions 2.7.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the phpbb root path parameter in the includes/functions portal.php file. Recommendations: For Premod Shadow...