CVE-2006-5301

PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Score6.8
Access VectorNETWORK
Access ComplexityMEDIUM
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-17 11:07:00.000-04
Last Modified2017-10-18 09:29:32.000-04

Vulnerable Software List

VendorProductVersions
Phpbb Spamblockermod 1.0, 1.0.1, 1.0.2

References

SourceLink
BUGTRAQ20061012 SpamBlockerMODv <= 1.0.2 Remote File Include Vulnerability
BID20501
VUPENADV-2006-4028
XFphpbb-antispam-file-include(29506)
EXPLOIT-DB2533