CVE-2007-5009
phpBB Plus 1.53-1.53a - Remote Code Execution via phpbb_root_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-5009. PoCs published by Mehrad.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in PHPBBPlus 1.53. The vulnerability allows an attacker to include a remote shell by manipulating the 'phpbb_root_path' parameter in the specified file.
Description
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before 20070922, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in PHPBBPlus 1.53. The vulnerability allows an attacker to include a remote shell by manipulating the 'phpbb_root_path' parameter in the specified file.