Description
PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $page variable. It is possible that this is a site-specific vulnerability, or an issue in a mod
Exploits (1)
References (5)
Core 5
Core References
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/435995/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/435869/100/0/threaded
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18255
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/436118/100/0/threaded
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/435978/100/0/threaded
Scores
EPSS
0.0403
EPSS Percentile
88.6%
Details
Status
published
Products (30)
phpbb_group/phpbb
2.0
phpbb_group/phpbb
2.0.1
phpbb_group/phpbb
2.0.2
phpbb_group/phpbb
2.0.3
phpbb_group/phpbb
2.0.4
phpbb_group/phpbb
2.0.5
phpbb_group/phpbb
2.0.6
phpbb_group/phpbb
2.0.6c
phpbb_group/phpbb
2.0.6d
phpbb_group/phpbb
2.0.7
... and 20 more
Published
Jun 06, 2006
Tracked Since
Feb 18, 2026