CVE-2006-5222

Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-10 05:07:00.000-04
Last Modified2017-10-18 09:29:31.000-04

Vulnerable Software List

VendorProductVersions
Dimension Of Phpbb Dimension Of Phpbb 0.2.6

References

SourceLink
BID20367
VUPENADV-2006-3923
XFdimension-phpbbroot-file-include(29361)
EXPLOIT-DB2481