SpiderZ

5 exploits Active since Aug 2006
CVE-2006-5209 EXPLOITDB text WORKING POC
Admin Topic Action Logging Mod <0.95 - RCE
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-4367 EXPLOITDB perl WORKING POC
All Topics Hack < 1.5.0 - SQL Injection via Start Parameter
SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2006-5224 EXPLOITDB text WRITEUP
Dimitri Seitz Security Suite IP Logger 1.0.0 - RCE
PHP remote file inclusion vulnerability in includes/logger_engine.php in Dimitri Seitz Security Suite IP Logger 1.0.0 in dwingmods for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5222 EXPLOITDB text WORKING POC
Dimension of phpBB <= 0.2.6 - Remote File Inclusion via phpbb_root_path Parameter
Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php.
CVE-2006-5187 EXPLOITDB text WORKING POC
Bulletin Board Ace < 3.5 - Remote Code Execution via phpbb_root_path Parameter
PHP remote file inclusion vulnerability in includes/functions.php in Bulletin Board Ace (BBaCE) 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.