CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 2CVE-2006-7090
https://notcve.org/view.php?id=CVE-2006-7090
PHP remote file inclusion vulnerability in phpbb_security.php in phpBB Security 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the php_root_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en phpbb_security.php de phpBBSecurity 1.0.1 y anteriores permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro php_root_path. • http://securityreason.com/securityalert/2327 http://www.securityfocus.com/archive/1/448607 http://www.securityfocus.com/bid/20518 https://exchange.xforce.ibmcloud.com/vulnerabilities/29573 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2006-5083
https://notcve.org/view.php?id=CVE-2006-5083
PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad PHP de inclusión de archivo en includes/functions_portal.php en Integrated MODs (IM) Portal 1.2.0 y anteriores permite a atacantes remotos ejecutar código PHP arbitrario mediante una URL en el parámetro phpbb_root_path. • http://secunia.com/advisories/22113 http://www.securityfocus.com/bid/84255 http://www.vupen.com/english/advisories/2006/3774 https://exchange.xforce.ibmcloud.com/vulnerabilities/29146 https://www.exploit-db.com/exploits/2430 •