CVE-2006-5305

PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Score5.1
Access VectorNETWORK
Access ComplexityHIGH
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-17 11:07:00.000-04
Last Modified2018-10-17 05:42:04.000-04

Vulnerable Software List

VendorProductVersions
Phpbb Lat2cyr 1.0.1

References

SourceLink
SREASON1729
BUGTRAQ20061012 phpBB lat2cyr <= 1.0.1 Remote File Include Vulnerability
BID20513
VUPENADV-2006-4050
XFlat2cyr-phpbbrootpath-file-include(29572)
EXPLOIT-DB2546