CVE-2005-2086
published 2005-07-05

CVE-2005-2086: PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.

Priority P260 · high · 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 85.37% (99.7th percentile)

Affected

1 range
Vendor | Product | Version range | Fixed in
phpbb_group | phpbb | |

Detection & IOCs (extracted from sources)

path: /phpBB2/viewtopic.php
url: /viewtopic.php?t=<topic>&highlight=%2527%252ephpinfo()%252e%2527
  • Monitor HTTP GET requests to viewtopic.php containing a 'highlight' parameter with URL-encoded single quotes or dot-concatenation patterns (e.g., %27, %2527, %252e), which are characteristic of preg_replace() code injection attempts.
  • Alert on GET requests to viewtopic.php where the highlight parameter contains double-URL-encoded sequences such as %2527 or %252e, indicating attempted bypass of input filtering.
  • Probe detection: attackers may first send a phpinfo() payload to fingerprint the target before launching a full exploit. Alert on viewtopic.php responses containing 'phpinfo' output.
  • Affected versions are phpBB 2.0.4 through 2.0.15 inclusive. Scope detection rules to installations running these versions.
  • The Metasploit module auto-discovers a valid topic ID by iterating topic IDs 1–32 before launching the exploit; defenders should be aware that a series of sequential viewtopic.php?topic=N requests may precede the actual attack.
  • The exploit targets the default phpBB installation path /phpBB2; installations under a different URI root will require adjusted detection signatures.
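
The request-side checks in the list above, as an added example (not code from cvebase or phpBB): a Python scan over constructed access-log lines that flags encoded quotes or double-encoded sequences in the raw highlight value and source addresses that walk sequential topic=N IDs. The combined log format, the function names and the sweep threshold of 3 are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote

# Constructed access-log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [05/Jul/2005:10:00:00 +0000] "GET /phpBB2/viewtopic.php?t=12&highlight=install HTTP/1.1" 200 5120
198.51.100.7 - - [05/Jul/2005:10:01:00 +0000] "GET /phpBB2/viewtopic.php?topic=1 HTTP/1.1" 200 310
198.51.100.7 - - [05/Jul/2005:10:01:01 +0000] "GET /phpBB2/viewtopic.php?topic=2 HTTP/1.1" 200 310
198.51.100.7 - - [05/Jul/2005:10:01:02 +0000] "GET /phpBB2/viewtopic.php?topic=3 HTTP/1.1" 200 4800
198.51.100.7 - - [05/Jul/2005:10:01:03 +0000] "GET /phpBB2/viewtopic.php?t=3&highlight=%2527%252ephpinfo()%252e%2527 HTTP/1.1" 200 41000
192.0.2.44 - - [05/Jul/2005:10:02:00 +0000] "GET /forum/viewtopic.php?t=5&highlight=%27 HTTP/1.1" 200 5000
""".splitlines()

REQUEST = re.compile(r'^(\S+) .*?"GET (\S+) HTTP/[\d.]+"')

def params(query):
    """Split a raw query string WITHOUT decoding, so %2527 stays visible."""
    return dict(p.partition("=")[::2] for p in query.split("&") if p)

def scan(lines, sweep_threshold=3):
    """Return (highlight_alerts, sweep_ips); the threshold is an assumption."""
    alerts, topics = [], defaultdict(set)
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        ip, url = m.group(1), urlsplit(m.group(2))
        # Match on the script name only, so a non-default URI root is covered.
        if not url.path.lower().endswith("/viewtopic.php"):
            continue
        q = params(url.query)
        if q.get("topic", "").isdigit():
            topics[ip].add(int(q["topic"]))
        raw, tags = q.get("highlight", ""), []
        if re.search(r"%25(27|2e)", raw, re.I):
            tags.append("double-encoded")
        elif re.search(r"%27|'", raw):
            tags.append("encoded-quote")
        if "phpinfo" in unquote(unquote(raw)).lower():
            tags.append("phpinfo-probe")
        if tags:
            alerts.append((ip, tags))
    # A sweep is any run of sweep_threshold consecutive topic IDs from one address.
    sweeps = sorted(ip for ip, seen in topics.items()
                    if any(all(n + i in seen for i in range(sweep_threshold)) for n in seen))
    return alerts, sweeps
```

Correlating the two outputs (an address that appears in both the sweep list and the highlight alerts) gives a higher-confidence signal than either check alone.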