2 matches found
CVE-2006-7032
The CVE-2006-7032 entry corresponds to a PHP remote file inclusion vulnerability in phpBB/FlashBB. Specifically, FlashBB 1.1.5 and earlier vulnerable code path is in phpbb/getmsg.php, where an attacker can influence the phpbb_root_path parameter to cause the application to include remote files an...
CVE-2007-3697
CVE-2007-3697 describes a PHP remote file inclusion vulnerability in phpBB/sendmsg.php affecting FlashBB 1.1.8 and earlier . The flaw allows remote attackers to execute arbitrary code by supplying a URL in the phpbb_root_path parameter. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with ...