CVE Vulnerabilities

CVE-2006-2865

Published: Jun 06, 2006 | Modified: Oct 18, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

** DISPUTED ** PHP remote file inclusion vulnerability in template.php in phpBB 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: followup posts have disputed this issue, stating that template.php does not appear in phpBB and does not use a $page variable. It is possible that this is a site-specific vulnerability, or an issue in a mod.

Affected Software

Name Vendor Start Version End Version
Phpbb Phpbb_group 2.0 2.0
Phpbb Phpbb_group 2.0.1 2.0.1
Phpbb Phpbb_group 2.0.2 2.0.2
Phpbb Phpbb_group 2.0.3 2.0.3
Phpbb Phpbb_group 2.0.4 2.0.4
Phpbb Phpbb_group 2.0.5 2.0.5
Phpbb Phpbb_group 2.0.6 2.0.6
Phpbb Phpbb_group 2.0.6c 2.0.6c
Phpbb Phpbb_group 2.0.6d 2.0.6d
Phpbb Phpbb_group 2.0.7 2.0.7
Phpbb Phpbb_group 2.0.7a 2.0.7a
Phpbb Phpbb_group 2.0.8 2.0.8
Phpbb Phpbb_group 2.0.8a 2.0.8a
Phpbb Phpbb_group 2.0.9 2.0.9
Phpbb Phpbb_group 2.0.10 2.0.10
Phpbb Phpbb_group 2.0.11 2.0.11
Phpbb Phpbb_group 2.0.12 2.0.12
Phpbb Phpbb_group 2.0.13 2.0.13
Phpbb Phpbb_group 2.0.14 2.0.14
Phpbb Phpbb_group 2.0.15 2.0.15
Phpbb Phpbb_group 2.0.16 2.0.16
Phpbb Phpbb_group 2.0.17 2.0.17
Phpbb Phpbb_group 2.0.18 2.0.18
Phpbb Phpbb_group 2.0.19 2.0.19
Phpbb Phpbb_group 2.0.20 2.0.20
Phpbb Phpbb_group 2.0_beta1 2.0_beta1
Phpbb Phpbb_group 2.0_rc1 2.0_rc1
Phpbb Phpbb_group 2.0_rc2 2.0_rc2
Phpbb Phpbb_group 2.0_rc3 2.0_rc3
Phpbb Phpbb_group 2.0_rc4 2.0_rc4

References