CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 2CVE-2006-5309 – phpBB Prillian French Mod 0.8.0 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5309
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad de inclusión remota de archivo en language/lang_french/lang_prillian_faq.php en el módulo Prillian French 0.8.0 y anteriores para phpBB permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2550 http://secunia.com/advisories/22430 http://securityreason.com/securityalert/1732 http://www.securityfocus.com/archive/1/448663/100/0/threaded http://www.securityfocus.com/bid/20520 http://www.vupen.com/english/advisories/2006/4040 https://exchange.xforce.ibmcloud.com/vulnerabilities/29565 •
CVSS: 6.8EPSS: 7%CPEs: 2EXPL: 3CVE-2006-5306 – phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5306
Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en el módulo Journals System 1.0.2 (RC2) y anteriores para phpBB permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path en (1) includes/journals_delete.php, (2) includes/journals_post.php, o (3) includes/journals_edit.php. • https://www.exploit-db.com/exploits/2522 http://secunia.com/advisories/22387 http://securityreason.com/securityalert/1731 http://securitytracker.com/id?1017058 http://www.securityfocus.com/archive/1/448443/100/0/threaded http://www.securityfocus.com/bid/20484 http://www.vupen.com/english/advisories/2006/4029 https://exchange.xforce.ibmcloud.com/vulnerabilities/29491 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 11%CPEs: 3EXPL: 2CVE-2006-5301 – phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5301
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en includes/antispam.php en el módulo SpamBlockerMODv 1.0.2 y anteriores para phpBB permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2533 http://marc.info/?l=bugtraq&m=116076619122083&w=2 http://secunia.com/advisories/22356 http://www.securityfocus.com/bid/20501 http://www.vupen.com/english/advisories/2006/4028 https://exchange.xforce.ibmcloud.com/vulnerabilities/29506 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.1EPSS: 11%CPEs: 1EXPL: 2CVE-2006-5305 – phpBB lat2cyr Mod 1.0.1 - 'lat2cyr.php' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5305
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en lat2cyr.php en módulo lat2cyr 1.0.1 y anteriores permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2546 http://secunia.com/advisories/22432 http://securityreason.com/securityalert/1729 http://www.securityfocus.com/archive/1/448660/100/0/threaded http://www.securityfocus.com/bid/20513 http://www.vupen.com/english/advisories/2006/4050 https://exchange.xforce.ibmcloud.com/vulnerabilities/29572 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5235
https://notcve.org/view.php?id=CVE-2006-5235
PHP remote file inclusion vulnerability in includes/functions_kb.php in Dimension of phpBB 0.2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. Vulnerabilidad de inclusión remota de archivo en PHP en includes/functions_kb.php en Dimension de phpBB 0.2.6 y anteriores permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. NOTA: la procedencia de esta información es desconocida; los detalles están obtenidos de información de terceros. • http://www.vupen.com/english/advisories/2006/3923 •