phpBB Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2007-5173 - Vulnerability Database

phpBB Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2007-5173

Medium

Reference: CVE-2007-5173

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-5173

Title: phpBB Improper Control of Generation of Code (Code Injection) Vulnerability

Overview:

PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the openid_root_path parameter.