db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpbb | Phpbb_group | 2.0_rc2 | 2.0_rc2 |
Phpbb | Phpbb_group | 2.0_rc1 | 2.0_rc1 |
Phpbb | Phpbb_group | 2.0_rc3 | 2.0_rc3 |
Phpbb | Phpbb_group | 2.0_beta1 | 2.0_beta1 |