Published: 10/10/2006 Updated: 19/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and previous versions, as used in phpBB 2.0 up to 2.0.21, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpbb group phpbb 2.0
phpbb group phpbb 2.0.15
phpbb group phpbb 2.0.16
phpbb group phpbb 2.0.3
phpbb group phpbb 2.0.4
phpbb group phpbb 2.0.5
phpbb group phpbb 2.0.8a
phpbb group phpbb 2.0.9
phpbb group phpbb 2.0.11
phpbb group phpbb 2.0.12
phpbb group phpbb 2.0.19
phpbb group phpbb 2.0.2
phpbb group phpbb 2.0.6d
phpbb group phpbb 2.0.7
phpbb group phpbb 2.0_rc2
phpbb group phpbb 2.0_rc3
phpbb group phpbb 2.0.1
phpbb group phpbb 2.0.10
phpbb group phpbb 2.0.17
phpbb group phpbb 2.0.18
phpbb group phpbb 2.0.6
phpbb group phpbb 2.0.6c
phpbb group phpbb 2.0_beta1
phpbb group phpbb 2.0_rc1
phpbb group phpbb 2.0.13
phpbb group phpbb 2.0.14
phpbb group phpbb 2.0.20
phpbb group phpbb 2.0.21
phpbb group phpbb 2.0.7a
phpbb group phpbb 2.0.8
phpbb group phpbb 2.0_rc4

/ \ \ \ ,, / / '-`\()/`-' --_'( )'_-- / /` /`""`\ `\ \ * SpiderZ Hacking Security * | | >< | | \ \ / / '__' # Author: SpiderZ # Admin Topic Action Logging Remote File Inclusion Vulnerability # Version 095 Admin Topic Action Logging # ...

NVD-CWE-Other https://exchange.xforce.ibmcloud.com/vulnerabilities/29345 https://www.exploit-db.com/exploits/2475/https://nvd.nist.gov https://www.exploit-db.com/exploits/2475/

CVE-2006-5209

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect