CVE-2006-5222 – Dimension of phpBB 0.2.6 - 'phpbb_root_path' Remote File Inclusions
https://notcve.org/view.php?id=CVE-2006-5222
Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Dimension de phpBB 0.2.6 y anteriores permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path en (1) includes/themen_portal_mitte.php o (2) includes/logger_engine.php. • https://www.exploit-db.com/exploits/2481 http://secunia.com/advisories/22287 http://www.securityfocus.com/bid/20367 http://www.vupen.com/english/advisories/2006/3923 https://exchange.xforce.ibmcloud.com/vulnerabilities/29361 •
CVE-2006-5209 – phpBB Admin Topic Action Logging Mod 0.94b - Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5209
PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad de inclusión remota de archivo en PHP en admin/admin_tocpi_action_logging.php en Admin Topic Action Logging Mod 0.95 y anteriores, usado en phpBB 2.0 hasta 2.0.21, permite a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2475 https://exchange.xforce.ibmcloud.com/vulnerabilities/29345 •
CVE-2006-5191 – phpBB Static Topics 1.0 - 'phpbb_root_path' File Inclusion
https://notcve.org/view.php?id=CVE-2006-5191
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad PHP de inclusión remota de archivo en includes/functions_static_topics.php en the Nivisec Static Topics module para phpBB 1.0 y anteriores permite a un atacante remoto ejecutar código PHP de su elección mediante una URL en el parámetro phpbb_root_path. • https://www.exploit-db.com/exploits/2477 http://secunia.com/advisories/22269 http://www.nivisec.com/article.php?l=vi&ar=20 http://www.osvdb.org/29506 http://www.securityfocus.com/bid/20353 http://www.vupen.com/english/advisories/2006/3916 https://exchange.xforce.ibmcloud.com/vulnerabilities/29347 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2006-5094 – phpBB XS 0.58a - 'phpbb_root_path' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5094
PHP remote file inclusion vulnerability in includes/functions_kb.php in the phpBB XS 2 (Spain version) allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780 or CVE-2006-4893. Vulnerabilidad PHP de inclusión remota de archivo en includes/functions_kb.php en el phpBB XS 2 (version española) permite a un atacante remoto ejecutar código PHP de su elección a través de una URL en el parámetro phpbb_root_path, un vector diferente que CVE-2006-4780 o CVE-2006-4893. • https://www.exploit-db.com/exploits/2453 http://secunia.com/advisories/22177 http://securityreason.com/securityalert/1660 http://www.nyubicrew.org/adv/solpot-adv-10.txt http://www.securityfocus.com/archive/1/447292/100/0/threaded http://www.securityfocus.com/bid/20251 http://www.vupen.com/english/advisories/2006/3843 https://exchange.xforce.ibmcloud.com/vulnerabilities/29250 •
CVE-2006-5083
https://notcve.org/view.php?id=CVE-2006-5083
PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. Vulnerabilidad PHP de inclusión de archivo en includes/functions_portal.php en Integrated MODs (IM) Portal 1.2.0 y anteriores permite a atacantes remotos ejecutar código PHP arbitrario mediante una URL en el parámetro phpbb_root_path. • http://secunia.com/advisories/22113 http://www.securityfocus.com/bid/84255 http://www.vupen.com/english/advisories/2006/3774 https://exchange.xforce.ibmcloud.com/vulnerabilities/29146 https://www.exploit-db.com/exploits/2430 •