CVE-2006-5191
published 2006-10-10CVE-2006-5191: PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote…
PriorityP337medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
3.12%
86.2th percentile
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpbb | phpbb | <= 1.0 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
phpBB 1.0 functions_static_topics.php phpbb_root_path code injection (EDB-2477 / XFDB-29347)
vuldb·2026-04-23·CVSS 5.1
CVE-2006-5191 [MEDIUM] phpBB 1.0 functions_static_topics.php phpbb_root_path code injection (EDB-2477 / XFDB-29347)
A vulnerability, which was classified as critical, has been found in phpBB 1.0. Affected by this issue is some unknown functionality of the file includes/functions_static_topics.php. Performing a manipulation of the argument phpbb_root_path results in code injection.
This vulnerability is cataloged as CVE-2006-5191. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
GHSA
GHSA-fq34-vcp4-h3rh: PHP remote file inclusion vulnerability in includes/functions_static_topics
ghsa_unreviewed·2022-05-01
CVE-2006-5191 [MEDIUM] CWE-94 GHSA-fq34-vcp4-h3rh: PHP remote file inclusion vulnerability in includes/functions_static_topics
PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22269http://www.nivisec.com/article.php?l=vi&ar=20http://www.osvdb.org/29506http://www.securityfocus.com/bid/20353http://www.vupen.com/english/advisories/2006/3916https://exchange.xforce.ibmcloud.com/vulnerabilities/29347https://www.exploit-db.com/exploits/2477/http://secunia.com/advisories/22269http://www.nivisec.com/article.php?l=vi&ar=20http://www.osvdb.org/29506http://www.securityfocus.com/bid/20353http://www.vupen.com/english/advisories/2006/3916https://exchange.xforce.ibmcloud.com/vulnerabilities/29347https://www.exploit-db.com/exploits/2477/
2006-10-10
Published