CVE-2005-2086

phpBB <= 2.0.15 - Remote File Inclusion in viewtopic.php

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-2086. PoCs were published by Metasploit and str0ke, including the Metasploit module exploits/unix/webapp/phpbb_highlight.

AI-analyzed exploit summary: This Metasploit module exploits a PHP code injection vulnerability in phpBB's viewtopic.php via the 'highlight' parameter, leveraging improper input validation in preg_replace(). It supports multiple versions and automatically detects the appropriate exploit method.

Description

PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · webapps · php
https://www.exploit-db.com/exploits/16890

This Metasploit module exploits a PHP code injection vulnerability in phpBB's viewtopic.php via the 'highlight' parameter, leveraging improper input validation in preg_replace(). It supports multiple versions and automatically detects the appropriate exploit method.

Classification
Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: phpBB 2.0.4 through 2.0.15
No auth needed
Prerequisites: Access to a valid topic ID or ability to discover one via brute-force
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by str0ke · webapps · php
https://www.exploit-db.com/exploits/1113

This is a Metasploit module exploiting CVE-2005-2086, an arbitrary command execution vulnerability in phpBB 2.0.15. It crafts a malicious HTTP GET request with a payload encoded as chr() function calls, executed via passthru().

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: phpBB 2.0.15
No auth needed
Prerequisites: Target running phpBB 2.0.15 with exposed viewtopic.php · Network access to the target
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/phpbb_highlight.rb

This Metasploit module exploits a PHP code injection vulnerability in phpBB's viewtopic.php via the 'highlight' parameter, leveraging improper input validation in preg_replace(). It supports multiple versions of phpBB (2.0.4-2.0.15) and automatically detects the appropriate exploit method.

Classification
Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: phpBB 2.0.4 through 2.0.15
No auth needed
Prerequisites: A valid topic ID or the ability to discover one · Access to the phpBB viewtopic.php endpoint
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111999905917019&w=2

Scores

EPSS: 0.8537
EPSS Percentile: 99.7%

Details

Status: published
Products (1): phpbb_group/phpbb 2.0.15
Published: Jul 05, 2005
Tracked Since: Feb 18, 2026