prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpbb | Phpbb_group | 1.0.0 | 1.0.0 |
Phpbb | Phpbb_group | 1.2.0 | 1.2.0 |
Phpbb | Phpbb_group | 1.2.1 | 1.2.1 |
Phpbb | Phpbb_group | 1.4.0 | 1.4.0 |