cbcvebase.
CVE-2006-5435
published 2006-10-20

CVE-2006-5435: PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the…

PriorityP431high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.22%
64.8th percentile
PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use

Affected

1 ranges
VendorProductVersion rangeFixed in
phpbb_groupphpbb<= 2.0.10
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.