3 matches found
CVE-2006-4968
PNphpBB 1.2g is affected by a PHP remote file inclusion vulnerability in includes/functions_admin.php, exploitable via the phpbb_root_path parameter to execute arbitrary PHP code when a URL is supplied. This aligns with CVE-2006-4968 as described by NVD, with a base score of 7.5 (HIGH) and networ...
CVE-2006-4968
PHP remote file inclusion vulnerability in includes/functionsadmin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
PostNuke PNphpBB2 includes/functions_admin.php phpbb_root_path Parameter Remote File Inclusion
The installation of PostNuke on the remote host includes a version of the PNphpBB2 module that fails to sanitize input to the 'phpbbrootpath' parameter of the 'includes/functionsadmin.php' script before using it in a PHP 'includeonce' function. Provided PHP's 'registerglobals' setting is enabled,...