CVE-2005-0603

phpBB <= 2.0.12 - Information Disclosure via Invalid Regular Expression in Highlight Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0603. PoCs published by Parcer0.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2005-0603, a full path disclosure vulnerability in phpBB 2.0.12. It includes the vulnerable code snippet, exploitation method, and root cause analysis, but does not contain functional exploit code.

Description

viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax, which reveals the path in a PHP error message.

Exploits (1)

nomisec WRITEUP
by Parcer0 · poc
https://github.com/Parcer0/CVE-2005-0603-phpBB-2.0.12-Full-path-disclosure

This repository provides a detailed technical analysis of CVE-2005-0603, a full path disclosure vulnerability in phpBB 2.0.12. It includes the vulnerable code snippet, exploitation method, and root cause analysis, but does not contain functional exploit code.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: phpBB 2.0.12 and lower versions
No auth needed
Prerequisites: Access to the target phpBB instance
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.phpbb.com/phpBB/viewtopic.php?t=267563
URL Repurposed x_refsource_misc
http://neossecurity.net/Advisories/Advisory-06.txt
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/14413
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110943646112950&w=2

Scores

EPSS 0.0432
EPSS Percentile 89.9%

Details

Status published
Products (21)
phpbb_group/phpbb 2.0.0
phpbb_group/phpbb 2.0.1
phpbb_group/phpbb 2.0.2
phpbb_group/phpbb 2.0.3
phpbb_group/phpbb 2.0.4
phpbb_group/phpbb 2.0.5
phpbb_group/phpbb 2.0.6
phpbb_group/phpbb 2.0.6c
phpbb_group/phpbb 2.0.6d
phpbb_group/phpbb 2.0.7
... and 11 more
Published Feb 28, 2005
Tracked Since Feb 18, 2026