CVE-2006-7148
PHPBB <206.2.38 - RCE
Title source: llmDescription
PHP remote file inclusion vulnerability in includes/bb_usage_stats.php in maluinfo 206.2.38 for Brazilian PHPBB allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter. NOTE: this might be the same issues as CVE-2006-4893.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Nima Salehi · perlwebappsphp
https://www.exploit-db.com/exploits/2537
References (4)
Scores
EPSS
0.0047
EPSS Percentile
64.8%
Details
Status
published
Products (1)
phpbb/maluinfo
206.2.38
Published
Mar 07, 2007
Tracked Since
Feb 18, 2026