CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5235
https://notcve.org/view.php?id=CVE-2006-5235
PHP remote file inclusion vulnerability in includes/functions_kb.php in Dimension of phpBB 0.2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Vulnerabilidad de inclusión remota de archivo en PHP en includes/functions_kb.php en Dimension de phpBB 0.2.6 y anteriores permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. NOTA: la procedencia de esta información es desconocida; los detalles están obtenidos de información de terceros. • http://www.vupen.com/english/advisories/2006/3923 •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 2CVE-2006-5222 – Dimension of phpBB 0.2.6 - 'phpbb_root_path' Remote File Inclusions
https://notcve.org/view.php?id=CVE-2006-5222
Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Dimension de phpBB 0.2.6 y anteriores permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path en (1) includes/themen_portal_mitte.php o (2) includes/logger_engine.php. • https://www.exploit-db.com/exploits/2481 http://secunia.com/advisories/22287 http://www.securityfocus.com/bid/20367 http://www.vupen.com/english/advisories/2006/3923 https://exchange.xforce.ibmcloud.com/vulnerabilities/29361 •
CVSS: 7.5EPSS: 6%CPEs: 31EXPL: 1CVE-2006-5209 – phpBB Admin Topic Action Logging Mod 0.94b - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5209
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en admin/admin_tocpi_action_logging.php en Admin Topic Action Logging Mod 0.95 y anteriores, usado en phpBB 2.0 hasta 2.0.21, permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2475 https://exchange.xforce.ibmcloud.com/vulnerabilities/29345 •
CVSS: 5.1EPSS: 6%CPEs: 1EXPL: 2CVE-2006-5191 – phpBB Static Topics 1.0 - 'phpbb_root_path' File Inclusion
https://notcve.org/view.php?id=CVE-2006-5191
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad PHP de inclusión remota de archivo en includes/functions_static_topics.php en the Nivisec Static Topics module para phpBB 1.0 y anteriores permite a un atacante remoto ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2477 http://secunia.com/advisories/22269 http://www.nivisec.com/article.php?l=vi&ar=20 http://www.osvdb.org/29506 http://www.securityfocus.com/bid/20353 http://www.vupen.com/english/advisories/2006/3916 https://exchange.xforce.ibmcloud.com/vulnerabilities/29347 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.1EPSS: 12%CPEs: 1EXPL: 2CVE-2006-5094 – phpBB XS 0.58a - 'phpbb_root_path' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5094
PHP remote file inclusion vulnerability in includes/functions_kb.php in the phpBB XS 2 (Spain version) allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893. Vulnerabilidad PHP de inclusión remota de archivo en includes/functions_kb.php en el phpBB XS 2 (version española) permite a un atacante remoto ejecutar código PHP de su elección a través de una URL en el parámetro phpbb_root_path, un vector diferente que CVE-2006-4780 o CVE-2006-4893. • https://www.exploit-db.com/exploits/2453 http://secunia.com/advisories/22177 http://securityreason.com/securityalert/1660 http://www.nyubicrew.org/adv/solpot-adv-10.txt http://www.securityfocus.com/archive/1/447292/100/0/threaded http://www.securityfocus.com/bid/20251 http://www.vupen.com/english/advisories/2006/3843 https://exchange.xforce.ibmcloud.com/vulnerabilities/29250 •